The Notebook Review forums were hosted by TechTarget, who shut them down on January 31, 2022. This static read-only archive was pulled by NBR forum users between January 20 and January 31, 2022, in an effort to make sure that the valuable technical information that had been posted on the forums is preserved. For current discussions, many NBR forum users moved over to NotebookTalk.net after the shutdown.

    Windows Defender vulnerability discovered and fixed

    Discussion in 'Security and Anti-Virus Software' started by Spartan@HIDevolution, May 9, 2017.

  1. Spartan@HIDevolution

    Spartan@HIDevolution Company Representative

  2. hmscott

    hmscott Notebook Nobel Laureate

    Microsoft fixes remote hacking flaw in Windows Malware Protection Engine
    By Lucian Constantin | MAY 9, 2017 7:26 AM PT
    Attackers can exploit the vulnerability to compromise Windows systems running affected Microsoft security products, including Windows Defender and Microsoft Security Essentials.
    http://www.techconnect.com/article/...law-in-windows-malware-protection-engine.html

    "Microsoft has released an update for the malware scanning engine bundled with most of its Windows security products in order to fix a highly critical vulnerability that could allow attackers to hack computers.

    The vulnerability was discovered by Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich on Saturday and was serious enough for Microsoft to create and release a patch by Monday. This was an unusually fast response for the company, which typically releases security updates on the second Tuesday of every month and rarely breaks out of that cycle.

    Ormandy announced Saturday on Twitter that he and his colleague found a "crazy bad" vulnerability in Windows and described it as "the worst Windows remote code execution in recent memory."

    "Users should check that the Microsoft Malware Protection Engine version used in their products is 1.1.10701.0 or later. Propagation of the fix to products that are configured for automatic updates can take up to 48 hours, but users can also trigger a manual update."

    Microsoft Security Advisory 4022344
    Security Update for Microsoft Malware Protection Engine
    Published: May 8, 2017
    https://technet.microsoft.com/en-us/library/security/4022344
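
The engine-version check recommended in the quoted article, as an added PowerShell example that is not part of the original thread. `Test-MpEngineFixed` is a hypothetical helper name, the sample version strings are constructed, and the script assumes a host where the Defender PowerShell module (`Get-MpComputerStatus`) is present.

```powershell
# Added example: compare the Malware Protection Engine version with the
# fixed version quoted in the post above (1.1.10701.0).
# Test-MpEngineFixed is a hypothetical helper, not a built-in cmdlet.
$FixedEngineVersion = [version]'1.1.10701.0'

function Test-MpEngineFixed {
    param(
        # Optional: evaluate a given version string instead of querying Defender.
        [string]$EngineVersion
    )

    if (-not $EngineVersion) {
        # Get-MpComputerStatus comes with the Defender module; hosts without it
        # cannot be checked this way.
        if (-not (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue)) {
            return [pscustomobject]@{ Engine = $null; Status = 'Unknown'
                                      Detail = 'Defender cmdlets not available' }
        }
        $EngineVersion = (Get-MpComputerStatus).AMEngineVersion
    }

    $parsed = $null
    if (-not [version]::TryParse($EngineVersion, [ref]$parsed)) {
        return [pscustomobject]@{ Engine = $EngineVersion; Status = 'Unknown'
                                  Detail = 'Version string could not be parsed' }
    }

    # [version] compares each field numerically, so 1.1.9901.0 sorts below
    # 1.1.10701.0; a plain string comparison would rank it above.
    $status = if ($parsed -ge $FixedEngineVersion) { 'Patched' } else { 'Vulnerable' }
    [pscustomobject]@{ Engine = $parsed; Status = $status
                       Detail = "Fixed engine version is $FixedEngineVersion" }
}

# Constructed sample inputs showing each outcome.
'1.1.13704.0', '1.1.10701.0', '1.1.9901.0', 'not-a-version' |
    ForEach-Object { Test-MpEngineFixed -EngineVersion $_ }

# Check the local host.
$result = Test-MpEngineFixed
$result
if ($result.Status -eq 'Vulnerable') {
    # The article notes a manual update can be triggered; Update-MpSignature
    # requests one (assumption: the engine update arrives with definitions).
    Update-MpSignature
}
```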
     
  3. Spartan@HIDevolution

    Spartan@HIDevolution Company Representative

  4. hmscott

    hmscott Notebook Nobel Laureate

    Nice, but why didn't you have any text / description in your post - just a link makes it unclear what's up. Also, I think my title was a better description, the hack isn't limited to Windows Defender:

    Microsoft fixes remote hacking flaw in Windows Malware Protection Engine

    As long as the word gets out, multiple sources are good :)

    BTW, I didn't see your post, I saw the announcement on the same site and at the same time I posted this one:

    How to check for the Intel Active Management exploit
     
    Last edited: May 9, 2017