Microsoft Releases Emergency Patch for "Crazy Bad" Windows Zero-Day Bug

Megalith

Microsoft has quickly patched a big security vulnerability involving Windows Defender and other security products that was revealed over the weekend by Google Project Zero researchers. The flaw, which affects Microsoft Malware Protection Engine (MsMpEng), would allow attackers to get complete control of a system after a specially crafted file was scanned. The vulnerability was supposedly wormable, meaning that it could replicate itself and spread beyond the target system.

The vulnerability allows attackers to remotely execute code if the Microsoft Malware Protection Engine scans a specially crafted file. When successfully exploited, attackers are able to worm their way into the LocalSystem account and hijack an entire system. With such power, they have complete control to install or delete programs, steal information, create new accounts with full user rights and download additional malware. The Project Zero team says the vulnerability can be leveraged against victims by only sending an email to users -- without the need for the message to be opened or any attachments to be downloaded. An attack leveraging the exploit could also be conducted through malicious website visits or instant messaging.
 
Again goes to prove that Windows is only safe to use when you plug it off the internet and never open a file from an unknown source or even plug a USB stick to it.
 
Again goes to prove that Windows is only safe to use when you plug it off the internet and never open a file from an unknown source or even plug a USB stick to it.

What if a hacker ninja sneaks up ya computer?

Room must have physical security too and without any windows as you can transmit signals through IR and/or HDD LEDs ;)
 
What if a hacker ninja sneaks up ya computer?

Room must have physical security too and without any windows as you can transmit signals through IR and/or HDD LEDs ;)

Let's get real here. Internet threats to Windows are not spy stuff, they're everyday problems for Windows users. Most users don't even understand that their computer is not supposed to run 300 processes and have a 95% CPU and network load at idle.
 
Again goes to prove that Windows is only safe to use when you plug it off the internet and never open a file from an unknown source or even plug a USB stick to it.

RIF. Security exploit doesn't even require you to open the file. As part of the Windows protection system, it automatically scans all incoming files whether you open them or not. It must be a file compression issue leading to a buffer overrun exploit. Since Security Essentials runs on escalated privileges, it's no wonder it would be a disaster in the making.

Just checked Windows Update. There is no fix yet available for download.
 
RIF. Security exploit doesn't even require you to open the file. As part of the Windows protection system, it automatically scans all incoming files whether you open them or not. It must be a file compression issue leading to a buffer overrun exploit. Since Security Essentials runs on escalated privileges, it's no wonder it would be a disaster in the making.

Just checked Windows Update. There is no fix yet available for download.

The fix wasn't pushed through Windows Update. It's a new definition file for Security Essentials.

And I have no idea where CVE got that date from. Tavis found it three days ago.
 
I know it was just bad timing but after my computer rebooted last after an update it kept rebooting. It wasn't even making it to Windows and even did while I was checking the BIOS. After a few more times it stopped even posting. Guess power supply took a shit. Was too late to test anything.
 
Haha......right. Double butt handled.

I use nix and Windows mmmkay. Linux isn't magically more secure.

It is MAGICALLY more secure. About as magic as the internet being ISIS headquarters and getting there in Linux wearing a beard and a turban versus Windows wearing a Jewish rabbi suit.
 
Is this update separate from the telemetry security updates? So I can actually get it.
 