Microsoft Releases Security Updates for its Malware Protection Engine

by CIRT Team

Description: A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

Impact: A remote attacker could exploit some of these vulnerabilities to take control of an affected system.

Mitigation: Updates are available. Please see the references or vendor advisory for more information.

Reference URL’s:

• https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11937
• https://www.us-cert.gov/ncas/current-activity/2017/12/07/Microsoft-Releases-Security-Updates-its-Malware-Protection-Engine

CIRT Team

Recommended Posts

Active Exploitation of Critical F5 BIG – IP Vulnerability (CVE–2023-46747) Uncovered in Bangladesh

06 Nov 2024 - Security Advisories & Alerts

Emerging Threat_Stealer Malware (Lumma C2) Campaign with fake CAPTCHA pages

08 Oct 2024 - Security Advisories & Alerts

Detection of Fog Ransomware Footprint in Cyber Space of Bangladesh

12 Sep 2024 - Security Advisories & Alerts