Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

mardi 9 mai 2017

Critical Microsoft Scripting Engine Memory Corruption Vulnerability (CERT-EU Security Advisory 2017-011)

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file leading to memory corruption. An attacker who successfully exploits this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Lien vers l'article source

Auteur: Cert EU

Catégories: CertEUNombre de vues: 233

x

Événements SSI