Critical flaw that let hackers remotely access PCs patched by Microsoft

Microsoft has patched a critical flaw in its Malware Protection Engine that allowed hackers to remotely gain access to computers.

The critical flaw was reported to Microsoft by Google’s Project Zero team and was quietly patched by the software giant last week.

Microsoft Security Essentials is an anti-malware programme and is part of Microsoft’s Windows 10 and Windows 10 Creators Update operating systems. A critical flaw in the programme allowed hackers to achieve remote code execution, which in turn allowed them to infiltrate systems.

The flaw was first discovered by Google’s Project Zero team and was patched by Microsoft on May 24. “MsMpEng includes a full system x86 emulator that is used to execute any untrusted files that look like PE executables. The emulator runs as NT AUTHORITY\SYSTEM and isn’t sandboxed,” noted Tavis Ormandy, a member of Google’s Project Zero team.

Ormandy also mentioned in his blog that Microsoft had quietly patched the flaw on May 24, but did not comment on whether the flaw had been exploited by hackers.

The news comes not long after Microsoft fixed a critical flaw in Windows Defender which allowed hackers to use the anti-virus engine itself to install malware on affected PCs. That vulnerability was present in various iterations of Microsoft’s own anti-malware engine. These engines are installed by default on all Windows 8, 8.1, 10, and Windows Server 2012 PCs across the world, and the affected products include Windows Defender, Microsoft System Center Endpoint Protection, Microsoft Security Essentials and Microsoft Endpoint Protection.

“The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system,” said Microsoft’s security team.

Earlier this month, a flawed security update to Webroot, an antivirus programme for Windows, impacted Windows computers running all versions of the operating system. The flawed antivirus update identified Windows programmes and other legitimate apps as malware and shut them down, thereby crippling computers around the globe.

Copyright Lyonsdown Limited 2021
