A new Antimalware Engine release from Microsoft is designed to patch a vulnerability impacting Microsoft Security Essentials, among other security products from the Redmond company.
The software giant published Security Advisory (2491888) on February 23rd, 2011, providing details of a vulnerability affecting the Microsoft Malware Protection Engine which could allow a potential attacker to gain elevation of privilege if exploited successfully.
The company notes that it’s not aware of any attacks targeting the security flaw, or of any exploits in the wild.
In addition to Microsoft Security Essentials, additional impacted products are Windows Live OneCare, Windows Defender, Forefront Client Security, Forefront Endpoint Protection 2010. Malicious Software Removal Tool.
The vulnerability is rated only Important as it does not allow for remote code execution even if an exploit is successful.
“The update addresses a privately reported vulnerability that could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid logon credentials has created a specially crafted registry key.
“An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users,” Microsoft noted.
According to the software giant, all its security products that share antimalware engine version 1.1.6502.0 contain the vulnerability.
A patch addressing this issue was built into the latest release of the antimalware engine, 1.1.6603.0.
Microsoft noted that it was right on track to delivering the update on February 23rd, 2011, but has not yet confirmed that the refresh is live.
“As part of regular update of our antimalware technology to address the latest in the threat landscape, MMPC is planning to release a new antimalware engine on 23 February 2011.
“Affected products: Microsoft Security Essentials (MSE), Forefront Client Security (FCS), Forefront Endpoint Security. Engine Version will be in the range of 1.1.660X.0,” the company said last week.
Microsoft Security Essentials (MSE) 2.0 RTM is available for download here.