Microsoft Fixes Malware Protection Engine Bug
Posted by: Timothy Tibbetts on 12/08/2017 08:27 AM
[
Comments
]
Microsoft has patched a bug in their Malware Protection Engine that could allow remote execution.
"A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
The bug was first discovered by the UK National Cyber Security Centre (NCSC).
As long as your Windows Update is current, you are patched. More information is available on all the latest fixes here.
"A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights."
The bug was first discovered by the UK National Cyber Security Centre (NCSC).
As long as your Windows Update is current, you are patched. More information is available on all the latest fixes here.
Comments
