Microsoft Defender Denial of Service Vulnerability [CVE-2019-1255]

CVE number – CVE-2019-1255

A denial of service vulnerability exists when Microsoft Defender improperly handles files. An attacker could exploit the vulnerability to prevent legitimate accounts from executing legitimate system binaries.

To exploit the vulnerability, an attacker would first require execution on the victim system.

The security update addresses the vulnerability by ensuring Microsoft Defender properly handles files.

Last version of the Microsoft Malware Protection Engine
affected by this vulnerability
Version 1.1.16300.1
First version of the Microsoft Malware Protection Engine with this vulnerability addressedVersion 1.1.16400.2

Mitigations

Microsoft has not identified any mitigating factors for this vulnerability.

Workarounds

Microsoft has not identified any workarounds for this vulnerability.

Further details – https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1255

Duncan Newell

Duncan is a technology professional with over 20 years experience of working in various IT roles. He has a interest in cyber security, and has a wide range of other skills in radio, electronics and telecommunications.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: