Microsoft Malware Protection Engine

Intel Won’t Patch Spectre on All CPUs

Posted on April 5, 2018 by Lucian Constantin

Intel does not plan to release microcode updates for older generations of processors that are affected by the Spectre vulnerability, either because patching is not practical and for other reasons. The company released a microcode revision guidance doc… Continue reading Intel Won’t Patch Spectre on All CPUs→

Microsoft Issues Emergency Windows Security Update For A Critical Vulnerability

Posted on December 8, 2017 by Swati Khandelwal

Microsoft has just released an emergency security patch to address a critical remote code execution (RCE) vulnerability in its Malware Protection Engine (MPE) that could allow an attacker to take full control of a victim’s PC.

Enabled by default, Micr… Continue reading Microsoft Issues Emergency Windows Security Update For A Critical Vulnerability→

Critical vulnerability found in Microsoft Malware Protection Engine

Posted on December 7, 2017 by Patrick Howell O'Neill

Microsoft revealed a critical vulnerability in the Microsoft Malware Protection Engine (MPE) on Thursday that allows an attacker to take full control of a target’s computer. A vast array of Microsoft security products are affected, including Windows Defender for Windows 10. The Microsoft Malware Protection Engine provides the core cybersecurity capabilities for Microsoft anti-virus and anti-spyware programs in all of the company’s products. The vulnerability is fixed and patches are going out to users now. There is no sign it was exploited in the real world, according to Microsoft. The vulnerability is exploited when a specially crafted file is scanned by the Microsoft Malware Protection Engine that then allows an attacker to gain remote code execution. The report from Microsoft warned “there are many ways that an attacker could place a specially crafted file in a location that is scanned” by the vulnerable software. A dangerous file could be delivered by a website, email and messengers. If […]

The post Critical vulnerability found in Microsoft Malware Protection Engine appeared first on Cyberscoop.

Continue reading Critical vulnerability found in Microsoft Malware Protection Engine→

Another RCE Vulnerability Patched in Microsoft Malware Protection Engine

Posted on June 26, 2017 by Michael Mimoso

Google Project Zero’s Tavis Ormandy found another remote code execution vulnerability in the Microsoft Malware Protection Engine, the third since early May. Continue reading Another RCE Vulnerability Patched in Microsoft Malware Protection Engine→

Emergency Update Patches Zero Day in Microsoft Malware Protection Engine

Posted on May 9, 2017 by Michael Mimoso

Microsoft released an emergency update for a zero-day vulnerability disclosed by Google in the Microsoft Malware Protection Engine bundled with most versions of Windows. Continue reading Emergency Update Patches Zero Day in Microsoft Malware Protection Engine→

remote code execution in the Microsoft Malware Protection Engine CVE-2017-0290

Posted on May 9, 2017 by Myonlinesecurity

There has been a recently discovered remote code execution in the Microsoft Malware Protection Engine that had the potential to allow an attacker to completely take over affected computers. This has been fixed by Microsoft in an update to the Microsoft Malware Protection Engine in affected programs. This will automatically apply, … Continue reading → Continue reading remote code execution in the Microsoft Malware Protection Engine CVE-2017-0290→