Critical vulnerability found in Microsoft Malware Protection Engine

Microsoft revealed a critical vulnerability in the Microsoft Malware Protection Engine (MPE) on Thursday that allows an attacker to take full control of a target’s computer. A vast array of Microsoft security products are affected, including Windows Defender for Windows 10. The Microsoft Malware Protection Engine provides the core cybersecurity capabilities for Microsoft anti-virus and anti-spyware programs in all of the company’s products. The vulnerability is fixed and patches are going out to users now. There is no sign it was exploited in the real world, according to Microsoft. The vulnerability is exploited when a specially crafted file is scanned by the Microsoft Malware Protection Engine that then allows an attacker to gain remote code execution. The report from Microsoft warned “there are many ways that an attacker could place a specially crafted file in a location that is scanned” by the vulnerable software. A dangerous file could be delivered by a website, email and messengers. If […]

The post Critical vulnerability found in Microsoft Malware Protection Engine appeared first on Cyberscoop.

Continue reading Critical vulnerability found in Microsoft Malware Protection Engine

Microsoft unveils specialized anti-ransomware tool for next update

Microsoft announced a new feature dedicated to fending off ransomware via its Windows 10 Insider Preview Build 16232 on Wednesday. The newly revealed tool, known as Controlled Folder Access, is designed to assist the user in data protection from a variety of different computer viruses, especially ransomware, said Dona Sarkar, head of Microsoft’s Windows Insiders program. Ransomware is malware that is typically designed to lock up a computer’s files until a payment is sent to a specific source. In most cases, this payment comes in the form of the cryptocurrency bitcoin, and it is sent to a bitcoin wallet address. Current private sector estimates for total ransomware losses in 2016 alone exceeded $100 million. Once a user activates the Controlled Folder Access feature in the Windows Defender Security Center interface, an automated tool will begin monitoring files within certain protected folders. The user can manually whitelist trusted applications to edit these files autonomously. […]

The post Microsoft unveils specialized anti-ransomware tool for next update appeared first on Cyberscoop.

Continue reading Microsoft unveils specialized anti-ransomware tool for next update