Windows Defender
CVE-2013-3154
MEDIUM
Severity by source
AV:L/AC:M/Au:N/C:C/I:C/A:C
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
AV:L/AC:M/Au:N/C:C/I:C/A:C
Lifecycle Timeline
1DescriptionCVE.org
The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory, aka "Microsoft Windows 7 Defender Improper Pathname Vulnerability."
AnalysisAI
The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan. Rated medium severity (CVSS 6.9). No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-264. The signature-update functionality in Windows Defender on Microsoft Windows 7 and Windows Server 2008 R2 relies on an incorrect pathname, which allows local users to gain privileges via a Trojan horse application in the %SYSTEMDRIVE% top-level directory, aka "Microsoft Windows 7 Defender Improper Pathname Vulnerability." Affected products include: Microsoft Windows Defender, Microsoft Windows 7, Microsoft Windows Server 2008.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Windows Defender
View allThe Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on 32-bit versions of Micr
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a speci
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To e
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
The Microsoft Malware Protection Engine running on Microsoft Forefront and Microsoft Defender on Microsoft Windows Serve
Microsoft Windows Defender Elevation of Privilege Vulnerability. Rated high severity (CVSS 7.8), this vulnerability is l
Same technique Privilege Escalation
View allShare
External POC / Exploit Code
Leaving vuln.today