Описание
Microsoft Defender for Endpoint Spoofing Vulnerability
FAQ
According to the CVSS metric, the attack complexity is high (AC:H). What does that mean for this vulnerability?
Successful exploitation of this vulnerability requires an attacker to gather information specific to the environment of the targeted component.
How can I verify that the update is installed?
Customers wanting to ensure the client has been updated can run the MDE Client Analyzer on the device. When running the analyzer on a Windows device that does not have the security update, the analyzer will present a warning (ID 121035) indicating missing patch and directing to relevant online article. Additionally, if the update is installed, but the Anti-Spoofing capability is not in a stable state, the analyzer will present warning (ID 121036) indicating an issue and providing additional online guidance or callout to reach out to Microsoft support if issue persists.
Where can I get more information?
For more information, please see the blog post here.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Defender for Endpoint for Windows | - | |
| Microsoft Defender for Endpoint for Mac | ||
| Microsoft Defender for Endpoint for Linux | ||
| Microsoft Defender for Endpoint for Android | - | |
| Microsoft Defender for Endpoint for iOS | - | |
| Microsoft Defender for Endpoint for Windows on Windows 10 Version 20H2 for 32-bit Systems | ||
| Microsoft Defender for Endpoint for Windows on Windows Server, version 20H2 (Server Core Installation) | ||
| Microsoft Defender for Endpoint for Windows on Windows 10 Version 20H2 for ARM64-based Systems | ||
| Microsoft Defender for Endpoint for Windows on Windows 10 Version 1909 for ARM64-based Systems | ||
| Microsoft Defender for Endpoint for Windows on Windows 10 Version 1909 for x64-based Systems |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
5.9 Medium
CVSS3
Связанные уязвимости
Microsoft Defender for Endpoint Spoofing Vulnerability.
Уязвимость Защитника Microsoft (Microsoft Defender for Endpoint) операционной системы Microsoft Windows, позволяющая нарушителю проводить спуфинг-атаки
EPSS
5.9 Medium
CVSS3