Share this article

Latest news

With KB5043178 to Release Preview Channel, Microsoft advises Windows 11 users to plug in when the battery is low

Copilot in Outlook will generate personalized themes for you to customize the app

Microsoft will raise the price of its 365 Suite to include AI capabilities

Death Stranding Director’s Cut is now Xbox X|S at a huge discount

Outlook will let users create custom account icons so they can tell their accounts apart easier

Microsoft releases fix for the critical Windows Defender vulnerability found by Google

2 min. read

Published onMay 9, 2017

published onMay 9, 2017

Share this article

Read our disclosure page to find out how can you help Windows Report sustain the editorial teamRead more

As we reported yesterday, two Google security researchers recentlydiscovered a critical bug in Windows Defender, which they described as “the worst Windows remote code exec in recent memory.” The vulnerability was indeed pretty bad, as the researchers explained that attacks could work against the default install and spread to other PCs.

Fortunately, Microsoft has just announced that a fix is now available to download on PCs running Windows 7, 8.1, RT, 10 and Windows Server 2016.

Just released malware protection engine update toaddress RCE vuln – Defender will autoupdate.https://t.co/rzn5QWo6sV

— Security Response (@msftsecresponse)May 9, 2017

As the company explained, the remote code execution vulnerability could be exploited when the Microsoft Malware Protection Engine was not properly scanning specially crafted files. You can find more details below:

To exploit this vulnerability, a specially crafted file must be scanned by an affected version of the Microsoft Malware Protection Engine. There are many ways that an attacker could place a specially crafted file in a location that is scanned by the Microsoft Malware Protection Engine. For example, an attacker could use a website to deliver a specially crafted file to the victim’s system that is scanned when the website is viewed by the user. An attacker could also deliver a specially crafted file via an email message or in an Instant Messenger message that is scanned when the file is opened. In addition, an attacker could take advantage of websites that accept or host user-provided content, to upload a specially crafted file to a shared location that is scanned by the Malware Protection Engine running on the hosting server.

The company added that it had “not received any information to indicate that this vulnerability had been publicly used to attack customers,” which is reassuring. The update to the Microsoft Malware Protection Engine should be downloaded automatically on your PC, but you can install it immediately by checking Windows Update.

Radu Tyrsina

Radu Tyrsina has been a Windows fan ever since he got his first PC, a Pentium III (a monster at that time).

For most of the kids of his age, the Internet was an amazing way to play and communicate with others, but he was deeply impressed by the flow of information and how easily you can find anything on the web.

Prior to founding Windows Report, this particular curiosity about digital content enabled him to grow a number of sites that helped hundreds of millions reach faster the answer they’re looking for.

User forum

0 messages

Sort by:LatestOldestMost Votes

Comment*

Name*

Email*

Commenting as.Not you?

Save information for future comments

Comment

Δ

Radu Tyrsina