Nomen Posted May 12, 2017 Share Posted May 12, 2017 I'm not that familiar with the inner workings of Win-7. Is the "Malware Protection Engine" an optional component? Is it a service (that can be turned off / deactivated / uninstalled) ? It just proved itself to be more trouble than it's worth. "The flaw allowed attackers to access mpengine by sending emails to users (reading the email or opening attachments is not necessary), having them visit links in a web browser, or through instant messaging. The vulnerability allows remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. " Wow. Microsoft's Motto: If it works, it's not complicated enough. ------------- Over the weekend, two of Google’s Project Zero security researchers announced that they had discovered a "crazy bad" Windows exploit, describing it as the "worst in recent memory." Project Zero gives firms 90 days to fix such discoveries, but Microsoft swiftly jumped on this problem, and just two days later has come up with a fix. The Project Zero team explains that the problem was found with Microsoft's Malware Protection service, MsMpEng. Vulnerabilities in MsMpEng are among the most severe in Windows, due to the "privilege, accessibility, and ubiquity of the service." The flaw allowed attackers to access mpengine by sending emails to users (reading the email or opening attachments is not necessary), having them visit links in a web browser, or through instant messaging. The Security Update for Microsoft Malware Protection Engine, detailed in Security Advisory 4022344, fixes the issue. Microsoft explains: The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. The fix, for Windows 7, 8.1, RT and 10, is available now via Windows Update. https://betanews.com/2017/05/09/microsoft-fixes-crazy-bad-windows-vulnerability/ Link to comment Share on other sites More sharing options...
TELVM Posted May 12, 2017 Share Posted May 12, 2017 5 hours ago, Nomen said: ... Is the "Malware Protection Engine" an optional component? Is it a service (that can be turned off / deactivated / uninstalled) ? ... It's Windows Defender (MsMpEng.exe). Ars - Massive vulnerability in Windows Defender leaves most Windows PCs vulnerable Link to comment Share on other sites More sharing options...
Jody Thornton Posted May 12, 2017 Share Posted May 12, 2017 Whew! Checked Help -> About in Windows Defender. It appears I'm good. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now