Malware Engine by Microsoft Requires Malware Protection

It’s not every day that you get to write about a malware protection engine needing malware protection.  But that’s just what has happened with Microsoft’s Malware Engine.

Microsoft malware protection engine needs, uh, malware protection

Microsoft has posted an out-of-band security update to address a remote code execution flaw in its Malware Protection Engine.

Redmond says the flaw, dubbed CVE-2017-11937, has not yet been exploited in the wild. Because it is an out-of-band critical fix, however, it should be installed as soon as possible. For most users, this will happen automatically.

The security hole is present in Windows Defender and Microsoft Security Essentials, as well as Endpoint Protection, Forefront Endpoint Protection, and Exchange Server 2013 and 2016.

The bug was discovered and reported by the UK’s National Cyber Security Centre – which is part of GCHQ, Blighty’s spying nerve center.

According to Microsoft, the vulnerability can be triggered when the Malware Protection Engine scans a downloaded file to check for threats. In many systems this is set to happen automatically for all new files.

By exploiting a memory corruption error in the malware scanning tool, the attack file would be able to execute code on the target machine with LocalSystem privileges.

 

Read More at The Register

About Paul Gordon 2956 Articles
Paul Gordon is the publisher and editor of iState.TV. He has published and edited newspapers, poetry magazines and online weekly magazines. He is the director of Social Cognito, an SEO/Web Marketing Company. You can reach Paul at pg@istate.tv