Not a good month for Microsoft ... Meet CVE-2017-0290
As if WannaCry wasn't enough for Microsoft, a new critical vulnerability has been disclosed: CVE-2017-0290. It has been rated as one of the highest levels of threat.
The embarrassment for Microsoft is that the vulnerability is in Microsoft Defender, which is meant to defend against malware: an intruder can cause memory corruption and run malicious code on the machine.
It affects most versions of the Microsoft Windows operating system, including Windows 7 and Windows 10. The vulnerability was found by Google's Project Zero team. Tavis Ormandy privately informed Microsoft, which allowed the company to patch their systems before any major announcement.
Tavis found that MsMpEng integrated an x86 emulator that could be used to execute any untrusted file, and that it runs the emulated programs with NT AUTHORITY\SYSTEM rights and without any sandboxing.
Coming on the back of a significant zero-day, this is not good news for Microsoft.
Global Head of Cybersecurity at Grant Thornton International Ltd
7 years ago
Can we be wary of alert fatigue? Patch was rolled out automatically as a definition update a month ago.