Microsoft Fixes 'Elevation of Privilege' Vulnerability in Its Malware Protection Engine (SA2491888)

Microsoft has patched a bug in its Malware Protection Engine that could be used as a stepping stone for an attacker looking to seize control of a Windows box. It's what's known as an elevation of privilege vulnerability -- something that could be used by an attacker who already has access to the Windows system […]

Microsoft has patched a bug in its Malware Protection Engine that could be used as a stepping stone for an attacker looking to seize control of a Windows box. It's what's known as an elevation of privilege vulnerability -- something that could be used by an attacker who already has access to the Windows system to gain complete administrative control.

Microsoft hasn't seen anyone take advantage of the bug yet -- the flaw was reported to the company by security researcher Cesar Cerrudo -- but Microsoft thinks that hackers could develop code that reliably exploits the issue.

In an instant message interview, Cerrudo, the CEO of security research firm Argeniss, said he disclosed the bug publicly at the Black Hat security conference in July 2010. But because the hacker would already need have access to the machine to pull off this attack, he doesn't believe that it presents a major security risk to most users.

"This vulnerability could be exploited remotely, for instance on Internet Information Server, but the attacker will need to be able to upload an execute code on IIS," he said. "Sites that allow users to upload Web pages, they are more at risk."

Microsoft rates the issue as "important."

[tags]malware protection engine,elevation privilege,antimalware,anitvirus,anti-virus,scanning engine,black hat,hackers,hacking[/tags]

[Source, Via]