Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS) - Microsoft

Microsoft Security Advisory (2491888): Vulnerability in Microsoft Malware Protection Engine Could Al

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Windows & DOS: Issues & Discussions Security Advisories (RSS) - Microsoft Microsoft Security Advisory (2491888): Vulnerability in Microsoft Malware Protection Engine Could Al
# 1  
Old 02-23-2011
Microsoft Security Advisory (2491888): Vulnerability in Microsoft Malware Protection Engine Could Al
Revision Note: V1.0 (February 23, 2011): Advisory published. Advisory Summary:Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. The update addresses a privately reported vulnerability that could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid logon credentials has created a specially crafted registry key. An attacker who successfully exploited the vulnerability could gain the same user rights as the LocalSystem account. The vulnerability could not be exploited by anonymous users.

More...
Login or Register to Ask a Question

Previous Thread | Next Thread
Login or Register to Ask a Question

LEARN ABOUT DEBIAN

ms_isa2dlf

MS_ISA2DLF.IN(1)					  LogReport's Lire Documentation					  MS_ISA2DLF.IN(1)

NAME

       ms_isa2dlf - convert Microsoft ISA server logs to DLF

SYNOPSIS

       ms_isa2dlf [file]

DESCRIPTION

       ms_isa2dlf converts Microsoft Internet Security and Acceleration Server log files in the W3C Extended Log Format to the proxy DLF.  The ISA
       log files are documented on the section on "Firewall and Web Proxy log fields" in the document "Microsoft Internet Security and
       Acceleration Server Enterprise Edition" at http://technet.microsoft.com/en-us/library/cc723430.aspx.

DEBUGGING

       As any Lire 2dlf program, this program needs adjusted LR_DBDIR, LR_DBFILE, LR_ID and PATH variables.  These are set in
       .../etc/lire/defaults and .../etc/lire/profile_lean.  After manually source-ing these files, one can run this program as a standalone
       application, by invoking it as e.g.

	zcat ms_isa.log.gz | LR_ID=`date +%Y%m%d.%H%M%S` ./ms_isa2dlf > /tmp/dlf

       .

EXAMPLES

       To process a log as produced by the Microsoft ISA Server:

	$ ms_isa2dlf < ms_isa.log

       ms_isa2dlf will be rarely used on its own, but is more likely called by lr_log2report:

	$ lr_log2report ms_isa < /var/log/ms_isa.log

THANKS

       Chainsaw on OPN irc, for supplying log files.

SEE ALSO

       w3c_extended2dlf(1)

VERSION

       $Id: ms_isa2dlf.in,v 1.16 2008/11/19 12:16:05 vanbaal Exp $

COPYRIGHT

       Copyright (C) 2001 Stichting LogReport Foundation LogReport@LogReport.org

       This program is part of Lire.

       Lire is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free
       Software Foundation; either version 2 of the License, or (at your option) any later version.

       This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of
       MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for more details.

       You should have received a copy of the GNU General Public License along with this program (see COPYING); if not, check with
       http://www.gnu.org/copyleft/gpl.html.

AUTHOR

       Joost van Baal <joostvb@logreport.org>, heavily inspired by Francis J.  Lacoste's w3c_extended2dlf(1)

Lire 2.1.1							    2008-11-19							  MS_ISA2DLF.IN(1)