Microsoft is today rolling out an emergency security update to all supported versions of Windows operating system. This emergency patch has addressed a critical vulnerability in Microsoft’s desktop operating system, related to remote code execution (RCE) flaw in the Malware Protection Engine.
Microsoft confirmed the vulnerability is in all latest versions of Windows operating system including Windows 10. The document CVE-2017-11937 has revealed the vulnerability in Windows 7, Windows 8.1, Windows 10, Windows RT 8.1, and even Windows Server. The security flaw in the operating system is affecting Microsoft’s applications like Windows Defender.
If the system is exploited successfully, an attacker could get the full control of the system, meaning that the attacker would basically control your Windows computer and access sensitive information like emails stored on the system.
“If the affected AntiMalware software has real-time protection turned on, the Microsoft Malware Protection Engine will scan files automatically, leading to exploitation of the vulnerability when the specially crafted file is scanned,” Microsoft explains.
Microsoft has also revealed that the security flaw exists in the Malware Protection Engine, where it could be used to cause memory corruption. The attacker could deploy crafted file on the computer via any means of communication like email, and the end result of the process allows an attacker to get administrator privileges on the computer.
“If real-time scanning is not enabled, the attacker would need to wait until a scheduled scan occurs in order for the vulnerability to be exploited. All systems running an affected version of antimalware software are primarily at risk.”
The emergency patch makes sure that attackers can no longer breach the system. Microsoft claims that exploitation is less likely since the vulnerability wasn’t publicly disclosed.
