Stories
Slash Boxes
Comments

SoylentNews is people

SoylentNews is powered by your submissions, so send in your scoop. Only 19 submissions in the queue.

Microsoft Emergency Update: Malware Engine Needs, Erm, Malware Protection

posted by Fnord666 on Sunday December 10 2017, @11:31AM   Printer-friendly
from the oh-the-irony dept.

MrPlow writes:

Submitted via IRC for Bytram

Microsoft has posted an out-of-band security update to address a remote code execution flaw in its Malware Protection Engine.

Redmond says the flaw, dubbed CVE-2017-11937, has not yet been exploited in the wild. Because it is an out-of-band critical fix, however, it should be installed as soon as possible. For most users, this will happen automatically.

The security hole is present in Windows Defender and Microsoft Security Essentials, as well as Endpoint Protection, Forefront Endpoint Protection, and Exchange Server 2013 and 2016.

[...] According to Microsoft, the vulnerability can be triggered when the Malware Protection Engine scans a downloaded file to check for threats. In many systems this is set to happen automatically for all new files.

By exploiting a memory corruption error in the malware scanning tool, the attack file would be able to execute code on the target machine with LocalSystem privileges.

Source: https://www.theregister.co.uk/2017/12/07/microsoft_emergency_update_malware_protection_engine_needs_erm_malware_protection/

Original Submission

 
This discussion has been archived. No new comments can be posted.
Microsoft Emergency Update: Malware Engine Needs, Erm, Malware Protection | Log In/Create an Account | Top | 11 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 2) by Grishnakh on Monday December 11 2017, @05:02PM (1 child)

    by Grishnakh (2831) on Monday December 11 2017, @05:02PM (#608326)

    The MS Malware Protection engine has never worked at all: for it to actually work, it needs to block Windows.

    Starting Score:    1  point
    Karma-Bonus Modifier   +1  
    Total Score:   2  

  • (Score: 2) by Freeman on Monday December 11 2017, @06:45PM

    by Freeman (732) on Monday December 11 2017, @06:45PM (#608376) Journal

    Blocking Windows would just create a paradox. Would need to do something useful, like trade the core for Unix / Linux. Then we could finally get the answer to that "Linux is only secure, because it's not used enough" argument I've heard thrown around a few times.

    --
    Joshua 1:9 "Be strong and of a good courage; be not afraid, neither be thou dismayed: for the Lord thy God is with thee"