Microsoft Malware Protection Engine File Processing Flaws Let Remote Users Deny Service and Execute Arbitrary Code
Severity Rating: Medium
- Microsoft Malware Protection Engine versions 1.1.13704.0 and prior
Multiple vulnerabilities have been identified in Microsoft Malware Protection Engine and can be exploited by remote attackers to cause execution of arbitrary code. The vulnerabilities reported are as follows:
- A vulnerability exists can be exploited by remote user to cause execution of arbitrary code and denial of service conditions on the target system.
- A vulnerability exists that can allow remote attackers to create a specially crafted file that, when scanned by the target Microsoft Malware Protection Engine, will execute arbitrary code on the target system. The code will run with LocalSystem privileges.
- A vulnerability exists that can allow a remote user can create a specially crafted file that, when scanned by the target Microsoft Malware Protection Engine, will cause a scan timeout on the target system. As a result, the Microsoft Malware Protection Engine service will not monitor the target system until the service is restarted.
Users are advised to update apply updates.
More information is available on:
Microsoft Security Bulletin
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street