Critical vulnerability found in Microsoft Malware Protection Engine
Microsoft revealed a critical vulnerability in the Microsoft Malware Protection Engine (MPE) on Thursday that allows an attacker to take full control of a target’s computer. A vast array of Microsoft security products are affected, including Windows Defender for Windows 10. The Microsoft Malware Protection Engine provides the core cybersecurity capabilities for Microsoft anti-virus and anti-spyware programs in all of the company’s products. The vulnerability is fixed and patches are going out to users now. There is no sign it was exploited in the real world, according to Microsoft. The vulnerability is exploited when a specially crafted file is scanned by the Microsoft Malware Protection Engine that then allows an attacker to gain remote code execution. The report from Microsoft warned “there are many ways that an attacker could place a specially crafted file in a location that is scanned” by the vulnerable software. A dangerous file could be delivered by a website, email and messengers. If […]
The post Critical vulnerability found in Microsoft Malware Protection Engine appeared first on Cyberscoop.
Continue reading Critical vulnerability found in Microsoft Malware Protection Engine