Microsoft quietly fixes another “extremely bad vulnerability” in Windows Defender

Microsoft has quietly pushed out another fix for their virus scanning engine in Windows Defender, the MsMpEng malware protection engine.

Just like the last “crazy bad” vulnerability, this one was also discovered by Google’s Project Zero researcher Tavis Ormandy, but this time he privately disclosed it to Microsoft, showing the criticism he attracted last time for his public disclosure has had some effect.

The vulnerability would allow applications executed in MsMpEng’s emulator to control the emulator to achieve all kinds of mischief, including remote code execution when Windows Defender scanned an executable sent by email.

“MsMpEng includes a full system x86 emulator that is used to execute any untrusted files that look like PE executables. The emulator runs as NT AUTHORITY\SYSTEM and isn’t sandboxed. Browsing the list of win32 APIs that the emulator supports, I noticed ntdll!NtControlChannel, an ioctl-like routine that allows emulated code to control the emulator.” 

Want More? - Click Here

Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

Latest Content

  • Slip your head into a huge noise-isolating helmet
    Written by

    Da Boss!

    Slip your head into a huge noise-isolating helmet Huh...so the Flintstones Gazoo helmet is now available to purchase.…
    Read more...
  • Consumer Reports stops recommending Microsoft Surface PCs over reliability concerns
    Written by

    Da Boss!

    Consumer Reports stops recommending Microsoft Surface PCs over reliability concerns I have to laugh a little at this. What do…
    Read more...
  • Microsoft reveals new Windows 10 Workstations edition for power users
    Written by

    Da Boss!

    Microsoft reveals new Windows 10 Workstations edition for power users Well, it's about damn time!
    Read more...
  • Alienware Area-51 Ryzen Threadripper Edition Hands-On With Benchmark Annihilation
    Written by

    Da Boss!

    Alienware Area-51 Ryzen Threadripper Edition Hands-On With Benchmark Annihilation Um...DAMN! Threadripper is no slouch that's for sure! WOW! Sure, this…
    Read more...
  • Fecal Bacteria Found In Drinks Sold By Major Fast Food Restaurants Like McDonald's
    Written by
    Fecal Bacteria Found In Drinks Sold By Major Fast Food Restaurants Like McDonald's Welp, there goes the "yes" when I am asked if…

Visit the Digitalsmind Video YouTube Page!

Did you know we have a video page on YouTube? 

Well... WE DO! 

Check us out! 

- Our Video page.