Microsoft fixes another severe vulnerability in Windows Defender

Costea Lestoc By: Costea Lestoc
2 minute read

Microsoft pushed out another fix for the virus scanning engine in Windows Defender called the MsMpEng malware protection engine.

The newest flaw in MsMpEng’s emulator

This latest vulnerability was discovered by Google’s Project Zero researcher Tavis Ormandy. This time, he disclosed it to Microsoft in a private manner. This fresh vulnerability allows apps executed in MsMpEng’s emulator to control it in such a way to achieve all kinds of malicious behavior, including remote execution of code when Windows Defender scans an executable file sent via email. This new vulnerability was not as easy to exploit as the one discovered two weeks ago but is still a pretty grave.

The engine is updated regularly to prevent more issues

The emulator’s job is to emulate the user’s CPU but in a very strange way that allows API calls. What’s unclear are the reasons why the company created special instructions for the emulator, according to the Google Project Zero’s researcher.

MsMpEng is not sandboxed, which means that if you can exploit a vulnerability, the result will turn out very negative.

Fortunately, the engine is updated on a regular basis for a greater level of security. In addition, Microsoft is under increased pressure to secure its software and the company is asking governments for as much cooperation as possible to keep users safe.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patented Technologies (requires upgrade).

Discussions

Next up

Dutch Regulators catch Windows 10 breaching GDPR

Giles Ensor avatar. By: Giles Ensor
3 minute read

Two years in the offing and GDPR is still being breached. It will come as no surprise to many that a big, American tech company […]

Continue Reading

Microsoft was just playing with Mail ads and turned them off

Giles Ensor avatar. By: Giles Ensor
3 minute read

The symbiosis of the internet and advertising has long been understood. Everyone understands that if you have access to something that is ‘free’, inasmuch as […]

Continue Reading

Mozilla adds alerts about recently breached sites into Firefox browser

Giles Ensor avatar. By: Giles Ensor
3 minute read

Firefox has announced that it will start to warn users if they visit any breached sites. This is in an attempt to not only make […]

Continue Reading