Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?
Bug Microsoft Security Windows

Microsoft's 'Malware Protection Engine' Had A Remote Code Execution Flaw (theregister.co.uk) 54

Slashdot reader Trax3001BBS shares an article from The Register: Microsoft posted an out-of-band security update Thursday to address a remote code execution flaw in its Malware Protection Engine. Redmond says the flaw, dubbed CVE-2017-11937, has not yet been exploited in the wild. Because it is an out-of-band critical fix, however, it should be installed as soon as possible. For most users, this will happen automatically.

The security hole is present in Windows Defender and Microsoft Security Essentials, as well as Endpoint Protection, Forefront Endpoint Protection, and Exchange Server 2013 and 2016... According to Microsoft, the vulnerability can be triggered when the Malware Protection Engine scans a downloaded file to check for threats. In many systems this is set to happen automatically for all new files. By exploiting a memory corruption error in the malware scanning tool, the attack file would be able to execute code on the target machine with LocalSystem privileges.

This discussion has been archived. No new comments can be posted.

Microsoft's 'Malware Protection Engine' Had A Remote Code Execution Flaw

Comments Filter:
  • True enterprise grade bugs, now not only Apple's monopoly

  • Still, I've got to admit MS are doing a pretty decent job on security at the moment. This hole is already patched and the KRACK vulnerability was patched before it was made public

    https://www.bleepingcomputer.c... [bleepingcomputer.com]

    Pretty sneaky, Microsoft. While some vendors were scrambling to release updates to fix the KRACK Attack vulnerability released today, Microsoft, quietly snuck the fix into last week's Patch Tuesday.

    While Windows users were dutifully installing October 10th's Patch Tuesday security updates, little did they know they were also installing a fix for the KRACK vulnerability that was not publicly disclosed until today. This fix was installed via a cumulative update that included over 25 other updates, but didn't provide any useful info until you visited the associated knowledge basic article.

    Even if you were bored enough to actually click on the More info button, you would have had to be REALLY bored to even spot a reference to a vague mention of a wireless security update in the last bullet item of the knowledge base article.

  • Remote Code Execution Flaw


    Engineered Vulnerability

    The deck is stacked against us. Publicly traded companies and the federal government are the same entity. They are conspiring to throw us down into the deepest possible slavery and probably to kill/sterilize us once they have the machines to replace us.

    The possibility to resolve this problem without utter chaos lasting indefinitely is closing. Those of us who realize the threat need to band together NOW and bleed this system dry with sabotage and seek to rebuild our republic.

  • "Out of band" does not mean "unscheduled", you dozy twats!

Things are not as simple as they seems at first. - Edward Thorp