DonationCoder.com
Best Of Blog

You are viewing a specific blog item. Click here to return to the main blog page.

Tuesday May 09, 2017

GettyImages-154748438-800x541.jpg

Massive vulnerability in Windows Defender leaves most Windows PCs vulnerable

Massive vulnerability in Windows Defender leaves most Windows PCs vulnerable

Quote
Microsoft on Monday patched a severe code-execution vulnerability in the malware protection engine that is used in almost every recent version of Windows (7, 8, 8.1, 10, and Server 2016), just three days after it came to its attention. Notably, Windows Defender is installed by default on all consumer-oriented Windows PCs.
...
The exploit (officially dubbed CVE-2017-0290) allows a remote attacker to take over a system without any interaction from the system owner: it's simply enough for the attacker to send an e-mail or instant message that is scanned by Windows Defender. Likewise, anything else that is automatically scanned by Microsoft's malware protection engine—websites, file shares—could be used as an attack vector. Tavis Ormandy, one of the Google Project Zero researchers who discovered the flaw, warned that exploits were "wormable," meaning they could lead to a self-replicating chain of attacks that moved from vulnerable machine to vulnerable machine.

https://arstechnica....emote-vulnerability/



posted by mouser donate to mouser - May 09, 2017, 11:44:00 AM
social bookmark this story (permalink)
(read 23 comments)

Where are the ads? DonationCoder.com is funded by donations from readers like you. If you find this site useful, please consider becoming a supporting member by making a small one-time donation, in the amount of your choice.

DonationCoder.com | About Us