On Wednesday, Microsoft started rolling out an update to all Windows products that rely on the Malware Protection Engine for security scans.
December 2017 Patch Tuesday: CVE-2017-11937, CVE-2017-11940,, by Milena Dimitrova| December. This is different than CVE-2017-11937. December 2017 Patch Tuesday. The last batch of updates for this year addressed a total of 12 critical vulnerabilities, and 10 important. Here is a short resume of some of the more notable of these flaws, in. This is different than CVE-2017-11937. December 2017 Patch Tuesday. The last batch of updates for this year addressed a total of 12 critical vulnerabilities, and 10 important. Here is a short resume of some of the more notable of these flaws, in addition to the MMPE bugs. The definitions are taken from MITRE’s database: CVE-2017-11899. Learn about the CVE-2017-9765 patch for Kaspersky Security Center 10 Service Pack 2 Maintenance Release 1. After installing the CVE-2017-9765 patch for version Kaspersky Security Center 10 SP2 MR1 in the installation folder of Administration Server. Download: Files Trial Version. Documentation Online Help Best Practices. December 2017 Patch Tuesday: CVE-2017-11937, CVE-2017-11940,, by Milena Dimitrova| December. This is different than CVE-2017-11937. December 2017 Patch Tuesday. The last batch of updates for this year addressed a total of 12 critical vulnerabilities, and 10 important. Here is a short resume of some of the more notable of these flaws, in.
The update brings a security bugfix for a bug discovered by the UK National Cyber Security Centre (NCSC), a branch of the UK Government Communications Headquarters (GCHQ), the country's official intelligence and security agency.
Latest Wow Patch Download
Critical MMPE bug allows remote code execution
Microsoft says the bug —tracked as CVE-2017-11937— is rated 'Critical' in terms of severity and allows remote code execution on vulnerable products.
A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
To exploit this flaw, an attacker must first craft a malformed file and send it to a remote computer, via email, inside IM messages, as part of a website's code when the user accesses the site, or place it in other locations that are scanned by the Microsoft Malware Protection Engine by default.
The Microsoft Malware Protection Engine is designed to scan files in real time automatically, leading to immediate and easy exploitation of the vulnerability.
The Malware Protection Engine is included with products such as Windows Defender, Microsoft Security Essentials, Microsoft Endpoint Protection, and Windows Intune Endpoint Protection — on all currently supported Windows versions, which are Windows 7 and later.
Patched in MMPE v1.1.14405.2
Microsoft patched this bug in the Microsoft Malware Protection Engine version 1.1.14405.2.
The good news is that Microsoft has specifically designed a self-update mechanism for this component. This means that most users have already silently received this update unless they have opted to block MMPE updates by tweaking registry keys or via group policies.
In this case, users should take note of this critical MMPE update and allow the component to upgrade.
This is not the only critical-level fix the MMPE component received this year. There have been three other similar bugs this year alone that would have allowed attackers to remotely execute code on Windows workstations running outdated MMPE components [1, 2, 3].