Microsoft takes care of security flaw in its MPE

Microsoft recently released one emergency security update that would fix one security flaw exploited for execution of code remotely. The flaw is within the Malware Protection Engine (MPE) of Microsoft.

According to the Redmond-based software company, dubbed CVE-2017-11937 the security flaw hasn't still been exploited. Since the security update is critical, Microsoft advises it be deployed on all Windows PCs at the earliest. Encouragingly, the majority of users will experience the update's installation automatically.

Specifically, users of Windows Defender and Microsoft Security Essentials; Forefront Endpoint Protection; Endpoint Protection; along with Exchange Server 2016 and 2013 are affected with the flaw.

Microsoft explains that the flaw becomes activated anytime the Malware Protection Engine starts scanning some downloaded file for searching the presence of threats in it. A lot of systems have this occurring by default whenever a fresh file is downloaded.

When an attacker abuses an error of memory corruption type within Malware Protection Engine his malicious file would manage running the inbuilt malware on attacked systems using their local privileges.

According to Microsoft, an attacker has several methods for planting one maliciously crafted file onto any place of a system which MPE scans. For instance, a website can be used for delivering one maliciously crafted file which's scanned at the time the computer user views that website. The Register posted this on the Web dated December 7, 2017.

Yet another method is using an e-mail alternatively a message in Instant Messenger which's scanned at the time the user opens the maliciously crafted file. Besides, websites which host else accept user-posted material too can be utilized for uploading such maliciously created document or file onto any shared directory which MPE scans.

Microsoft points out that since MPE is loaded for continuously getting updates, there would be automatic delivery of the fix onto most home end-users as well as plentiful enterprise customers.

The emergency update has been provided only a few days before Microsoft will be releasing its monthly routine second Tuesday security updates of December. Adobe characteristically does the same by releasing its security patches every month on the 2nd Tuesday.

» SPAMfighter News - 12/14/2017