Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-1488: Microsoft Defender Security Feature Bypass Vulnerability

Back to Search

Microsoft CVE-2019-1488: Microsoft Defender Security Feature Bypass Vulnerability

Severity
2
CVSS
(AV:L/AC:L/Au:N/C:N/I:P/A:N)
Published
12/10/2019
Created
12/11/2019
Added
12/10/2019
Modified
11/18/2021

Description

A security feature bypass vulnerability exists when Microsoft Defender improperly handles specific buffers. An attacker could exploit the vulnerability to trigger warnings and false positives when no threat is present. To exploit the vulnerability, an attacker would first require execution permissions on the victim system. The security update addresses the vulnerability by ensuring Microsoft Defender properly handles these buffers.

Solution(s)

  • msft-kb4530681-0c00c48e-429c-44ad-bb20-a002317d7ef2
  • msft-kb4530681-cab09647-3de1-4fa5-86ff-43f42248da5b
  • msft-kb4530684-23df10e6-4bbe-4879-b964-a764873d48f4
  • msft-kb4530684-56f74c2f-f41b-4484-8172-6a136360031b
  • msft-kb4530684-5db85b37-63ff-4e38-b386-0e49dee65613
  • msft-kb4530684-917e2475-9fba-411d-9308-1a21925a9e6c
  • msft-kb4530684-af0c14d2-ca3c-4734-b7df-fb681347db92
  • msft-kb4530684-f82cd7d6-31bf-445d-9eb0-580f5caf4345
  • msft-kb4530689-4a482324-88ce-4271-9777-d63e0afbd360
  • msft-kb4530689-74d36f3f-fa38-4304-a739-ae07c7d3480c
  • msft-kb4530689-acded10d-a3f9-4c4f-ac7a-f410b38098f9
  • msft-kb4530692-43dfa206-3c9d-449d-bcb8-c667f99be817
  • msft-kb4530692-47d8e252-ac6d-4d07-ba30-3789160c200b
  • msft-kb4530692-9714c8b1-3b21-484e-9849-9c1e471537b6
  • msft-kb4530692-cf411479-9655-47df-bfa3-62b6deab32b8
  • msft-kb4530692-d191ebc8-0d63-43ce-b908-f92f1fd27310
  • msft-kb4530692-ee1100b1-b2ab-4248-a77f-5d273d279545
  • msft-kb4530698-4356072d-70cf-414d-bdb4-86aea3573cd6
  • msft-kb4530698-44e206f2-1c55-40c0-a3ce-08c5fc121314
  • msft-kb4530698-a5a266c2-dd84-4b48-8b38-573ab428444b
  • msft-kb4530714-37a011b3-c721-4d33-99c2-5d29f2f2f7b7
  • msft-kb4530714-d502a0ca-5d93-40ef-9498-af2adefe51fc
  • msft-kb4530715-5727ed9e-913c-486d-bb4e-d009291f655a
  • msft-kb4530715-76364aa0-71b3-458b-8b51-debf75b3f26d
  • msft-kb4530715-8422f4e2-efbf-4717-8667-3fb7c444943c
  • msft-kb4530717-7ed36733-5a55-4c21-8cbd-2481443e6ed9
  • msft-kb4530717-e497e961-edce-4a33-826b-71d43731218d
  • msft-kb4530717-e5ef643d-05f6-41a4-991a-8380ec8ddaa2
  • msft-kb4530719-4b41c5d5-e946-4ff0-959e-3091dfaaeb07
  • msft-kb4530719-990a741a-b9cf-4334-b749-fd3d2e598a1d
  • msft-kb4530719-a4ac97fc-fe65-4b2d-9ea0-fc14c543e7a9
  • msft-kb4530730-21a243ba-4a7f-4ced-b416-fc7b13fd9bb4
  • msft-kb4530730-26757e13-8369-4e19-813d-bf1e73370c55
  • msft-kb4530730-41322212-5351-4586-b7bf-09231644bcd9

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;