Author Topic: Microsoft Quietly Kills Another Gaping Hole in Windows Defender  (Read 181 times)

Offline Bugbatter

  • Microsoft® MVP
  • Administrator
  • Diamond Member
  • Posts: 10398
On Friday, Microsoft rolled out an out-of-band security update that patched a major security flaw in the Microsoft Malware Protection Engine (MsMpEng), a core security service part of the Microsoft ecosystem.

The bug, tracked as CVE-2017-8558, affects the x86 emulator included with the Malware Protection Engine and was discovered by Google Project Zero researcher Tavis Ormandy.

According to a technical write-up by Ormandy, the vulnerability allows an attacker to execute code on a user's computer, gain LocalSystem privileges, and take over the victim's PC.


https://www.bleepingcomputer.com/news/security/microsoft-quietly-kills-another-gaping-hole-in-windows-defender/

Microsoft MVP Consumer Security 2006-2016
Microsoft Windows Insider MVP 2016-


There are any comments for this topic. Do you want to be the first?