Microsoft Releases Security Updates for its Malware Protection Engine
Microsoft has released updates to address a vulnerability in their Malware Protection Engine (MPE) affecting multiple products. A remote attacker could exploit this vulnerability to take control of an affected system.
This content has been archived
This article no longer conforms to NHS Digital's standards for cyber alerts, and may contain outdated or inaccurate information. Use of this information contained in this page is at your own risk
Summary
Microsoft has released updates to address a vulnerability in their Malware Protection Engine (MPE) affecting multiple products. A remote attacker could exploit this vulnerability to take control of an affected system.
Threat details
An attacker may compromise MPE by placing a specially crafted malicious file into a file location that the MPE then scans, which leads to a memory corruption exploit.
This vulnerability affects a wide range of Microsoft products, including Windows Defender, Security Essentials, Endpoint Protection, Forefront Endpoint Protection and Exchange Server 2013 and 2016. All versions of Microsoft's Windows operating system are impacted.
Remediation steps
| Type | Step |
|---|---|
|
Users and administrators are encouraged to review Microsoft's Advisory CVE-2017-11937 and apply the necessary updates. |
CVE Vulnerabilities
Last edited: 17 February 2020 11:35 am