Η Microsoft has released an update for all its antimalware products. The update fixes an application engine denial of service bug.
The security bulletin describes update and vulnerability and states that the denial of service is invoked when the engine scans a specially crafted file. The errors Denial of Service vulnerabilities are not considered very serious, but with this particular one, an attacker who can successfully exploit this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the specially crafted malware is manually removed.
The affected products on clients and servers are the following:
- Microsoft Forefront Client Security
- Microsoft Forefront Endpoint Protection 2010
- Microsoft Forefront Security for SharePoint Service Pack 3
- Microsoft System Center 2012 Endpoint Protection
- Microsoft System Center 2012 Endpoint Protection Service Pack 1
- Microsoft Malicious Software Removal Tool (May 2014 or earlier versions)
- Microsoft Security Essentials
- Microsoft Security Essentials Prerelease
- Windows Defender for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2
- Windows Defender for Windows RT and Windows RT 8.1
- Windows Defender for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
- Windows Defender Offline
- Windows Intune Endpoint Protection
Vulnerability was reported to Microsoft by Tavis Ormandy of Google Project Zero.