Microsoft patches critical flaw in Windows Defender


Becky

Webmistress
Joined
Mar 25, 2003
Messages
7,424
Reaction score
1,511
Microsoft have released a security update which patches a serious vulnerability in their Microsoft Malware Protection Engine, which is relevant for anyone using Windows Defender on Windows 10. The security flaw meant that if Windows Defender even scanned specific malware, the PC could be compromised. ZDNet has more:

Google Project Zero researcher Thomas Dullien, aka Halvar Flake, discovered that attackers can trigger a memory-corruption issue in the engine if they can get Windows Defender and other affected security products to scan a specially-crafted file.

Microsoft warns there are many ways an attacker could achieve this, including placing the file on a website, in an email or instant message, on any site that hosts files, or in a shared directory.

As with similar vulnerabilities reported last year by the UK's National Cyber Security Centre (NCSC) and Project Zero, an attack would be instant if the affected antivirus has real-time protection enabled.

"If the affected anti-malware software has real-time protection turned on, the Microsoft Malware Protection Engine will scan files automatically, leading to exploitation of the vulnerability when the specially crafted file is scanned," Microsoft notes.


Read more here.
 
Ad

Advertisements

nivrip

Yorkshire Cruncher
Joined
Mar 21, 2007
Messages
9,813
Reaction score
1,930
Well, that's good to know as I was just about to go back to Defender. :)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top