Microsoft plugs another dangerous hole in Windows Defender scanning engine

Posted on Monday, May 29 2017 @ 14:27 CEST by Thomas De Maesschalck

It's rather ironic that anti-virus software introduces new threats to your computer but that's exactly what happened with Microsoft's Windows Defender. Earlier this month the software giant fixed a "crazy bad" bug in its security software and now the firm fixed yet another extremely serious vulnerability in the virus scanning engine of Windows Defender:

Just like the last “crazy bad” vulnerability, this one was also discovered by Google’s Project Zero researcher Tavis Ormandy, but this time he privately disclosed it to Microsoft, showing the criticism he attracted last time for his public disclosure has had some effect.

The vulnerability would allow applications executed in MsMpEng’s emulator to control the emulator to achieve all kinds of mischief, including remote code execution when Windows Defender scanned an executable sent by email.

Via: MSPowerUser

About the Author

Thomas De Maesschalck

Thomas has been messing with computer since early childhood and firmly believes the Internet is the best thing since sliced bread. Enjoys playing with new tech, is fascinated by science, and passionate about financial markets. When not behind a computer, he can be found with running shoes on or lifting heavy weights in the weight room.

Loading Comments

Share this story!