- Joined
- Aug 20, 2006
- Messages
- 13,000
Microsoft has quickly patched a big security vulnerability involving Windows Defender and other security products that was revealed over the weekend by Google Project Zero researchers. The flaw, which affects Microsoft Malware Protection Engine (MsMpEng), would allow attackers to get complete control of a system after a specially crafted file was scanned. The vulnerability was supposedly wormable, meaning that it could replicate itself and spread beyond the target system.
The vulnerability allows attackers to remotely execute code if the Microsoft Malware Protection Engine scans a specially crafted file. When successfully exploited, attackers are able to worm their way into the LocalSystem account and hijack an entire system. With such power, they have complete control to install or delete programs, steal information, create new accounts with full user rights and download additional malware. The Project Zero team says the vulnerability can be leveraged against victims by only sending an email to users -- without the need for the message to be opened or any attachments to be downloaded. An attack leveraging the exploit could also be conducted through malicious website visits or instant messaging.
The vulnerability allows attackers to remotely execute code if the Microsoft Malware Protection Engine scans a specially crafted file. When successfully exploited, attackers are able to worm their way into the LocalSystem account and hijack an entire system. With such power, they have complete control to install or delete programs, steal information, create new accounts with full user rights and download additional malware. The Project Zero team says the vulnerability can be leveraged against victims by only sending an email to users -- without the need for the message to be opened or any attachments to be downloaded. An attack leveraging the exploit could also be conducted through malicious website visits or instant messaging.