Microsoft has just released
an emergency security patch to address vulnerability in its Malware Protection Engine (MPE) that could allow a potential attacker to take control of a victim’s PC.
The Microsoft Malware Protection Engine supposedly gives the core cybersecurity capabilities, like scanning, detection, and cleaning, for the company’s antivirus and antimalware programs in all of its products and it is enabled by default in the Windows Operating System apparently suffers a memory corruption issue which gets triggered the Malware Protection Engine scans a bogus file which in turn activates the malicious payload.
This exploit affects Microsoft products, including Windows Defender and Microsoft Security Essentials along with Endpoint Protection, Forefront Endpoint Protection, and Exchange Server 2013 and 2016, impacting Windows 7, Windows 8.1, Windows 10, Windows RT 8.1, and Windows Server.
When you get compromised, the exploit could allow a remote attacker to execute malicious code in the security context of the LocalSystem account and take control of your computer.
The malicious file could be deployed by phishing emails, Instant Messenger services or through a website that the user visits that runs a malicious script in the background.
The attacker could also “take advantage of websites that accept or host user-provided content, to upload a specially crafted file to a shared location that is scanned by the Malware Protection Engine running on the hosting server,” the report said.
The security vulnerability was discovered and reported by the National Cyber Security Centre (NCSC), a cyber defense organization of Britain’s signals intelligence and