tech2 News StaffMay 10, 2017 11:15:43 IST
A critical vulnerability in the Microsoft Malware Protection Engine was disclosed by Google Project Zero, a dedicated team tasked with identifying zero day exploits. The vulnerability allowed for malicious attackers to take over the system remotely, and execute arbitrary code of their choice on the affected machines. The vector of attack was a specially crafted file that could be sent through email, instant messaging programs or through web sites. The vulnerability was really bad, according to those who discovered it.
I think @natashenka and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way.
— Tavis Ormandy (@taviso) May 6, 2017
The Microsoft Malware Protection Engine scans the files anywhere in the system, including temporary files, cache, downloads and attachments. Any time the file was scanned by the security software, the attackers could gain the ability to execute code on the system. The scanning would take place continuously at most times, but the attackers could also get hold of the system if the scans were scheduled to take place at particular times of the day.
Microsoft quickly scrambled to fix the critical vulnerability. There are no steps necessary by system administrators or end users. Usually, the Microsoft Malware Protection Engine automatically gets the updates from Microsoft servers, and the fix should roll out to all systems within 48 hours. The latest version of the Microsoft Malware Protection Engine has addressed the vulnerability. There are no known cases of the vulnerability actually being exploited by malicious hackers.
Welcome to Tech2 Innovate, India’s most definitive youth festival celebrating innovation is being held at GMR Grounds, Aerocity Phase 2, on 14th and 15th February 2020. Come and experience an amalgamation of tech, gadgets, automobiles, music, technology, and pop culture along with the who’s who of the online world. Book your tickets now.