Just like the last “crazy bad” vulnerability, this one was also discovered by Google’s Project Zero researcher Tavis Ormandy, but this time he privately disclosed it to Microsoft, showing the criticism he attracted last time for his public disclosure has had some effect.Via: MSPowerUser
The vulnerability would allow applications executed in MsMpEng’s emulator to control the emulator to achieve all kinds of mischief, including remote code execution when Windows Defender scanned an executable sent by email.
Microsoft plugs another dangerous hole in Windows Defender scanning engine
Posted on Monday, May 29 2017 @ 14:27 CEST by Thomas De Maesschalck