Vigil@nce - Windows Defender: privilege escalation via pathname
July 2013 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
A local attacker can use a special pathname, in order to escalate
his privileges via Windows Defender.
Impacted products: Windows 2008, Windows 7
Severity: 2/4
Creation date: 09/07/2013
DESCRIPTION OF THE VULNERABILITY
The Windows Defender product is an antimalware.
It installs a service on Windows. However, when it starts, it does
not correctly check a program pathname.
A local attacker can therefore use a special pathname, in order to
escalate his privileges via Windows Defender.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/Windows-Defender-privilege-escalation-via-pathname-13086