Security Alert (A17-12-03): Vulnerability in Microsoft Malware Protection Engine


 

Published on: 07 December 2017

  
  

Description:

Microsoft has released a security update addressing a vulnerability in the Microsoft Malware Protection Engine. A malicious crafted file could be used to exploit the vulnerability when a crafted file is scanned by the affected engine. The crafted file could be delivered in several ways, such as enticing a user to open an attached file in an email message or an Instant Messenger message, uploading a file to a Windows-based shared location, or browsing a malicious website.

 

Affected Systems:

  • Microsoft Endpoint Protection
  • Microsoft Exchange Server 2013
  • Microsoft Exchange Server 2016
  • Microsoft Forefront Endpoint Protection
  • Microsoft Forefront Endpoint Protection 2010
  • Microsoft Security Essentials
  • Windows Defender
  • Windows Intune Endpoint Protection

 

Impact:

A successful attack could lead to remote code execution and take control of the affected system.

 

Recommendation:

Patch for affected products will apply from built-in mechanism for the automatic detection and deployment of Microsoft Malware Protection Engine.

 

More Information:

https://www.us-cert.gov/ncas/current-activity/2017/12/07/Microsoft-Releases-Security-Updates-its-Malware-Protection-Engine
https://www.hkcert.org/my_url/en/alert/17120802
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11937
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11940

 



Tag: Microsoft , Exchange Server , Endpoint Protection , Forefront , Security Essentials , Windows Defender , Windows Intune
Tags