Security News > 2017 > June > Google researcher uncovers another RCE in Microsoft Malware Protection Engine (Help Net Security)

Google Project Zero researcher Tavis Ormandy has unearthed yet another critical remote code execution vulnerability affecting the Microsoft Malware Protection Engine, which powers a number of the company’s antivirus and antispyware software. Discovered earlier this month with the help of a fuzzer for the Windows Defender component created by Ormandy himself, the vulnerability affects the x86 emulator in Windows Defender, which “runs as SYSTEM, is unsandboxed, is enabled by default and remotely accessible to attackers.” … More →
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/wYnLyYxtgrk/
Related news
- Google paid $12 million in bug bounties last year to security researchers (source)
- Android Malware Exploits a Microsoft-Related Security Blind Spot to Avoid Detection (source)
- Microsoft shares workaround for Windows security update issues (source)
- Hackers exploit Cityworks RCE bug to breach Microsoft IIS servers (source)
- Week in review: Exploited 7-Zip 0-day flaw, crypto-stealing malware found on App Store, Google Play (source)
- FINALDRAFT Malware Exploits Microsoft Graph API for Espionage on Windows and Linux (source)
- Google Chrome's AI-powered security feature rolls out to everyone (source)
- Twin Google flaws allowed researcher to get from YouTube ID to Gmail address in a few easy steps (source)
- Microsoft spots XCSSET macOS malware variant used for crypto theft (source)
- Microsoft Uncovers New XCSSET macOS Malware Variant with Advanced Obfuscation Tactics (source)