Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory, aka "Microsoft Windows 7 Defender Improper Pathname Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Windows Defender 不正确的路径名称漏洞
Vulnerability Description
Microsoft Windows是美国微软(Microsoft)公司发布的一系列操作系统。 Microsoft Windows 7和Windows Server 2008 R2中的Windows Defender中的signature-update功能中存在特权提升漏洞。成功利用此漏洞的攻击者可以在LocalSystem帐户的安全上下文中执行任意代码并完全控制系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。攻击者必须拥有有效的登录凭据才能利用此漏洞。匿名用户无法利用此
CVSS Information
N/A
Vulnerability Type
N/A