Not a good month for Microsoft ... Meet CVE-2017-0290

As if WannaCry wasn't enough for Microsoft, a new critical vulnerability has been disclosed: CVE-2017-0290, which has been rated at one of the highest levels of threat [link].

The embarrassment for Microsoft is that the vulnerability is in Microsoft Defender, which is meant to defend against malware: an intruder can cause memory corruption and run malicious code on the machine.

It affects most versions of the Microsoft Windows operating system, including Windows 7 and Windows 10. The vulnerability was found by Google's Project Zero team, and Tavis Ormandy privately informed Microsoft, which allowed the company to patch its systems before any major announcement.

Tavis found that MsMpEng integrates an x86 emulator that can be used to execute any untrusted files, and that it runs the emulated programs with NT AUTHORITY\SYSTEM rights and without any sandboxing.

Coming on the back of a significant zero-day, this is not good news for Microsoft.

Gavin Townsend

Global Head of Cybersecurity at Grant Thornton International Ltd

7 years

Can we be wary of alert fatigue? Patch was rolled out automatically as a definition update a month ago.


More articles by Prof Bill Buchanan OBE FRSE
