CVE-2021-34471 – Microsoft Windows Defender Elevation of Privilege Vulnerability
https://notcve.org/view.php?id=CVE-2021-34471
Microsoft Windows Defender Elevation of Privilege Vulnerability. This vulnerability allows local attackers to create a denial-of-service condition on affected installations of Microsoft Windows. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within Windows Defender. By creating a directory junction, an attacker can abuse Windows Defender to delete a file. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34471
• CWE-269: Improper Privilege Management
CVE-2021-34522 – Microsoft Defender Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34522
Microsoft Defender Remote Code Execution Vulnerability. This CVE ID is different from CVE-2021-34464.
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34522
CVE-2021-31985 – Microsoft Defender Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31985
Microsoft Defender Remote Code Execution Vulnerability. ASProtect embeds a runtime DLL that is susceptible to memory corruption. Crash testcase provided.
• http://packetstormsecurity.com/files/163443/MpEngine-ASProtect-Embedded-Runtime-DLL-Memory-Corruption.html
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31985
CVE-2021-31978 – Microsoft Defender Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2021-31978
Microsoft Defender Denial of Service Vulnerability.
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31978
CVE-2017-11940
https://notcve.org/view.php?id=CVE-2017-11940
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Windows 7 SP1, Windows 8.1, Windows RT 8.1, Windows 10 Gold, 1511, 1607, and 1703, 1709 and Windows Server 2016, Windows Server, version 1709, Microsoft Exchange Server 2013 and 2016, does not properly scan a specially crafted file, leading to remote code execution, aka "Microsoft Malware Protection Engine Remote Code Execution Vulnerability". This is different from CVE-2017-11937.
• http://www.securityfocus.com/bid/102104
• http://www.securitytracker.com/id/1039972
• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11940
• CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer