Skip Ribbon Commands
Skip to main content
Computer Security Incident Response Team of Mauritius (CERT-MU)

VN-2017-76


Microsoft Malware Protection Engine File Processing Flaws Let Remote Users Deny Service and Execute Arbitrary Code
Severity Rating: Medium
Systems Affected:
  • Microsoft Malware Protection Engine versions 1.1.13704.0 and prior
Description
Multiple vulnerabilities have been identified in Microsoft Malware Protection Engine and can be exploited by remote attackers to cause execution of arbitrary code. The vulnerabilities reported are as follows:
  • A vulnerability exists can be exploited by remote user to cause execution of arbitrary code and denial of service conditions on the target system.
  • A vulnerability exists that can allow remote attackers to create a specially crafted file that, when scanned by the target Microsoft Malware Protection Engine, will execute arbitrary code on the target system. The code will run with LocalSystem privileges.
  • A vulnerability exists that can allow a remote user can create a specially crafted file that, when scanned by the target Microsoft Malware Protection Engine, will cause a scan timeout on the target system. As a result, the Microsoft Malware Protection Engine service will not monitor the target system until the service is restarted.
Solution
Users are advised to update apply updates.
More information is available on:
 
CVE Information
 
Vendor Information
Microsoft
 
References
Security Tracker
 
Microsoft Security Bulletin
 
 
 
 
 
 
 
 
Contact Information
 
Postal address
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street
Port Louis