Microsoft Issues Emergency Windows Security Update

[robin5693]

Think Macs are the only ones that have crazily easy vulnerabilities that can be exploited? Guess again! Microsoft Defender was found to have a memory corruption bug that can be exploited by attackers.

 

Quote

Microsoft said an attacker could place a specially crafted malicious file in a location that is scanned by the Malware Protection Engine to exploit the memory corruption flaw which eventually leads to remote code execution.

 

Source 1: https://thehackernews.com/2017/12/windows-update-malware-protection.html

Source 2: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11937

[Projex]

2 minutes ago, robin5693 said:

Think Macs are the only ones that have crazily easy vulnerabilities that can be exploited? Guess again! Microsoft Defender was found to have a memory corruption bug that can be exploited by attackers.

 

 

Source 1: https://thehackernews.com/2017/12/windows-update-malware-protection.html

Source 2: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11937

LMFAO glad I disabled that shit

[Creed1]

Great... I read a thread a couple weeks ago that said a hacker had taken full control over his laptop. My guess is it might have had something to do with it? 

 

Edit: For reference here is that thread

 

 

 

[Septimus]

1 minute ago, CmzPlusHardware said:

Great... I read a thread a couple weeks ago that said a hacker had taken full control over his laptop. My guess is it might have had something to do with it? 

This kind of puts it in perspective how long it takes for them to usually roll out updates - somewhat scary.

[NvidiaIntelAMDLoveTriangle]

So the anti-virus can be a virus. Am I reading that right?

 

 

[Wolther]

This is why even with anti-virus/malware protection you can't be dumb on the internet. There will always be exploits found no matter how well something is programmed 

[robin5693]

16 minutes ago, NvidiaIntelAMDLoveTriangle said:

So the anti-virus can be a virus. Am I reading that right?

 

 

Not quite. The anti-virus program itself could be exploited by a virus.

[vanished]

1 hour ago, robin5693 said:

Think Macs are the only ones that have crazily easy vulnerabilities that can be exploited?

I don't think anyone thinks that actually... in fact, true or not, I think it's pretty widely thought that Windows is the most vulnerable thing

[leadeater]

Edit: Argh american dates

[DrMacintosh]

35 minutes ago, leadeater said:

Edit: Argh american dates

Best dates. 

 

Bow to the Imperial System! 

[captain_to_fire]

3 hours ago, robin5693 said:

Microsoft said an attacker could place a specially crafted malicious file in a location that is scanned by the Malware Protection Engine to exploit the memory corruption flaw which eventually leads to remote code execution.

But I use Bitdefender, am I still vulnerable? Also, there's no updates available for me at the moment I'm posting this.

Edited December 9, 2017 by hey_yo_

[leadeater]

45 minutes ago, hey_yo_ said:

But I use Bitdefender, am I still vulnerable? Also, there's no updates available for me at the moment I'm posting this.

Better to use Windows Defender interface to check for updates, it'll show the actual version you have

[captain_to_fire]

31 minutes ago, leadeater said:

Better to use Windows Defender interface to check for updates, it'll show the actual version you have

????

[Master Disaster]

4 hours ago, DrMacintosh said:

Best dates. 

 

Bow to the Imperial System! 

Metric time btw....

[robin5693]

1 hour ago, hey_yo_ said:

????

As long as the engine version is 1.1.14405.2 and later, you're fine

[Matu20]

I am glad that my habit of disabling the AV actually helped me

[Doobeedoo]

Hm haven't check for updates, not at home. Have MBAM and ESET along though. 

[Ryujin2003]

22 hours ago, leadeater said:

Edit: Argh american dates

I prefer imports over domestic.

 

 

[TheKDub]

23 hours ago, NvidiaIntelAMDLoveTriangle said:

So the anti-virus can be a virus. Am I reading that right?

The entire OS is lol