Microsoft fixes another severe vulnerability in Windows Defender

Costea Lestoc By: Costea Lestoc
2 minute read

Home » News » Microsoft fixes another severe vulnerability in Windows Defender

Microsoft pushed out another fix for the virus scanning engine in Windows Defender called the MsMpEng malware protection engine.

The newest flaw in MsMpEng’s emulator

This latest vulnerability was discovered by Google’s Project Zero researcher Tavis Ormandy. This time, he disclosed it to Microsoft in a private manner. This fresh vulnerability allows apps executed in MsMpEng’s emulator to control it in such a way to achieve all kinds of malicious behavior, including remote execution of code when Windows Defender scans an executable file sent via email. This new vulnerability was not as easy to exploit as the one discovered two weeks ago but is still a pretty grave.

The engine is updated regularly to prevent more issues

The emulator’s job is to emulate the user’s CPU but in a very strange way that allows API calls. What’s unclear are the reasons why the company created special instructions for the emulator, according to the Google Project Zero’s researcher.

MsMpEng is not sandboxed, which means that if you can exploit a vulnerability, the result will turn out very negative.

Fortunately, the engine is updated on a regular basis for a greater level of security. In addition, Microsoft is under increased pressure to secure its software and the company is asking governments for as much cooperation as possible to keep users safe.

RELATED STORIES TO CHECK OUT:

Discussions

Next up

Apex Legends crashes with no error message? Fix it now

Matthew Adams By: Matthew Adams
4 minute read

Apex Legends is the latest battle royale blockbuster for Windows that EA and Respawn released on Origin. However, some Apex players have stated that the […]

Continue Reading

Fix: “Your PC is Offline” error in Windows 10, 8.1

Andrew Wafer By: Andrew Wafer
5 minute read

Do you like to keep your Windows 8 / Windows 8.1 system secured? Of course, you do, as everyone tries to keep their data in […]

Continue Reading

Here’s how to permanently fix Taskhost.exe high CPU usage

John Waibochi avatar. By: John Waibochi
5 minute read

Taskhost.exe is a process that hosts various Windows processes running from a dynamic link library instead of the conventional .exes (executable files). You see, libraries (.dlls) […]

Continue Reading