Schweregrad:: Niedrig
  CVE Kennungen:: CVE-2013-3154
  Hinweisdatum: 14 August 2013

  Beschreibung

This security update resolves a privately reported vulnerability in Windows Defender for Windows 7 and Windows Defender when installed on Windows Server 2008 R2. The vulnerability could allow elevation of privilege due to the pathnames used by Windows Defender. An attacker who successfully exploited this vulnerability could execute arbitrary code and take complete control of an affected system. The attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. An attacker must have valid logon credentials to exploit this vulnerability. The vulnerability could not be exploited by anonymous users.

  Lösungen

  Betroffene Software und Version:

  • Windows 7 for 32-bit Systems Service Pack 1
  • Windows 7 for x64-based Systems Service Pack 1
  • Windows Server 2008 R2 for x64-based Systems Service Pack 1