Search

Microsoft issues patch for bug in Windows Malware Protection Engine

By: IANS|San Francisco|

Microsoft, Microsoft patch, Microsoft patch Windows Malware Protection Engine, Microsoft bug, Microsoft security patch, Google Project Zero Microsoft suggests all usages to instantly set up the brand-new security spot. Microsoft has actually launched a security patch to repair a flaw in its Windows Malware Security Engine that, if left without treatment, can make use of a memory corruption error in the malware scanning tool and hack your system. The bug in Malware Defense Engine was found by the UK’s National Cyber Security Centre. The vulnerability (CVE-2017-11937) can affect systems running Windows 7, 8.1, 10 and Server 2016. A similar defect was discovered by Tavis Ormandy, security scientist for Google’s Job Absolutely no, in June this year.

“According to Microsoft, the vulnerability can be activated when the Malware Protection Engine scans a downloaded file to look for hazards,” The registrar reported. In numerous systems, this occurs instantly for all new files. Microsoft advises all usages to immediately set up the new security patch.

“There are lots of manner ins which an assailant could place a specially crafted file in a place that is scanned by the Microsoft Malware Protection Engine. An aggressor might use a website to provide a specially crafted file to the victim’s system that is scanned when the website is viewed by the user,” the company stated in its advisory FAQ.An aggressor might also deliver a specifically crafted file via an e-mail message or in an Immediate Messenger message that is scanned when the file is opened.

“In addition, an attacker might take advantage of sites that accept or host user-provided material, to publish a specifically crafted file to a shared location that is scanned by the Malware Security Engine running on the hosting server,” Microsoft noted.For all the

most current Innovation News, download Indian Express App Tags:

Related posts