Main Vulnerability Database Vulnerabilities #VU23504

Security Features in Windows and Windows Server - CVE-2019-1488

Published: December 10, 2019

Vulnerability identifier: #VU23504

CSH Severity: Low

CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2019-1488

CWE-ID: CWE-254

Exploitation vector: Local access

Exploit availability: No public exploit available

Vendor: Microsoft

Affected software:
Windows
Windows Server

Detailed vulnerability description

The vulnerability allows a local user to bypass security features on the target system.

The vulnerability exists due to the Microsoft Defender improperly handles specific buffers. A local user can trigger warnings and false positives when no threat is present.

To exploit the vulnerability, an attacker would first require execution permissions on the victim system.

How to mitigate CVE-2019-1488

Install updates from vendor's website.

Sources

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1488

Security Features in Windows and Windows Server - CVE-2019-1488

Detailed vulnerability description

How to mitigate CVE-2019-1488

Sources

Please verify you're human