Your IT Consultant
Information Technology Blog
by John W. Simek, Vice President of Sensei Enterprises, Inc.
Windows Security Software Gets Emergency Patch
May 10, 2017
Security software should protect you from malware and not make your computer more vulnerable. Not so with several of Microsoft's products, including Windows Defender. Endgadet reported that Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich tweeted about discovering "the worst Windows remote code exec in recent memory." According to an advisory released by Microsoft, the remotely exploitable security flaw (CVE-2017-0290) exists in Microsoft Malware Protection Engine (MMPE) – the company's own antivirus engine that could be used to fully compromise Windows PCs without any user interaction. The impacted software includes:
- Windows Defender
- Windows Intune Endpoint Protection
- Microsoft Security Essentials
- Microsoft System Center Endpoint Protection
- Microsoft Forefront Security for SharePoint
- Microsoft Endpoint Protection
- Microsoft Forefront Endpoint Protection
If you are running any of the impacted software products (Microsoft's Defender security software comes enabled by default on Windows 7, 8.1, RT 8.1, Windows 10 and Windows Server 2016) make sure you apply the patch as soon as possible.
E-mail: Phone: 703.359.0700
Digital Forensics/Information Security/Information Technology
http://www.linkedin.com/in/johnsimek
https://amazon.com/author/johnsimek
https://www.senseient.com
Listen to the Podcast
