CVE-2019-1161
First published: Wed Aug 14 2019(Updated: )
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Windows Defender | ||
| Microsoft Windows 10 | ||
| Microsoft Windows 10 | =1607 | |
| Microsoft Windows 10 | =1703 | |
| Microsoft Windows 10 | =1709 | |
| Microsoft Windows 7 | =sp1 | |
| Microsoft Windows 8.1 | ||
| Microsoft Windows RT 8.1 | ||
| Microsoft Windows Server 2008 | =sp2 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Server 2008 | =r2-sp1 | |
| Microsoft Windows Server 2012 | ||
| Microsoft Windows Server 2012 | =r2 | |
| Microsoft Windows Server 2016 | ||
| Microsoft Forefront Endpoint Protection 2010 | ||
| Microsoft Security Essentials | ||
| Microsoft System Center Endpoint Protection | ||
| Microsoft System Center Endpoint Protection | =2012 | |
| Microsoft System Center Endpoint Protection | =2012-r2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-1161?
CVE-2019-1161 is an elevation of privilege vulnerability in Microsoft Defender.
How does CVE-2019-1161 affect Windows Defender?
CVE-2019-1161 allows attackers to delete files in arbitrary locations using the MpSigStub.exe component of Windows Defender.
Who can exploit CVE-2019-1161?
To exploit CVE-2019-1161, an attacker would first need to log on to the system.
What is the severity of CVE-2019-1161?
CVE-2019-1161 is classified as a high severity vulnerability with a severity value of 7.1.
Where can I find more information about CVE-2019-1161?
More information about CVE-2019-1161 can be found at the following reference: [CVE-2019-1161](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1161)
- agent/event
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/description
- agent/first-publish-date
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/microsoft
- canonical/microsoft windows defender
- canonical/microsoft windows 10
- version/microsoft windows 10/1607
- version/microsoft windows 10/1703
- version/microsoft windows 10/1709
- canonical/microsoft windows 7
- version/microsoft windows 7/sp1
- canonical/microsoft windows 8.1
- canonical/microsoft windows rt 8.1
- canonical/microsoft windows server 2008
- version/microsoft windows server 2008/sp2
- version/microsoft windows server 2008/r2-sp1
- canonical/microsoft windows server 2012
- version/microsoft windows server 2012/r2
- canonical/microsoft windows server 2016
- canonical/microsoft forefront endpoint protection 2010
- canonical/microsoft security essentials
- canonical/microsoft system center endpoint protection
- version/microsoft system center endpoint protection/2012
- version/microsoft system center endpoint protection/2012-r2