Announcement Announcement Module
Collapse
No announcement yet.
Microsoft Malware Protection Engine Denial of Service Vulnerability Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Microsoft Malware Protection Engine Denial of Service Vulnerability

    Microsoft Malware Protection Engine Denial of Service Vulnerability

    Severity Rating: HIGH

    Component Affected

    Microsoft Malware Protection Engine prior to version 1.1.10701.0 running on the following Microsoft products:

    • Microsoft Forefront Client Security
    • Microsoft Forefront Endpoint Protection 2010
    • Microsoft Forefront Security for SharePoint Service Pack 3
    • Microsoft Malicious Software Removal Tool
    • Microsoft Security Essentials
    • Microsoft Security Essentials Prerelease
    • Microsoft System Center 2012 Endpoint Protection
    • Microsoft System Center 2012 Endpoint Protection Service Pack 1
    • Windows Defender for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2
    • Windows Defender for Windows RT and Windows RT 8.1
    • Windows Defender for Windows XP, Windows Server 2003,
    • Windows Vista, Windows Server 2008, Windows 7, and
    • Windows Server 2008 R2
    • Windows Defender Offline
    • Windows Intune Endpoint Protection

    Overview

    A vulnerability has been reported in Microsoft Malware Protection Engine which could allow a remote attacker to cause the affected system to become unresponsive.

    Description

    A vulnerability exists in Microsoft Malware Protection Engine due to improper scanning of specially crafted files.
    A remote attacker could exploit this vulnerability by enticing the user to visit a malicious website or convince the user to view an email containing a crafted file.
    Viewing the malicious website or crafted file could lead to a scan timeout during scanning by the affected software.

    Successful exploitation of the vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the specially crafted file is manually removed leading to denial of service conditions.

    Solution

    Apply appropriate patch as mentioned in Microsoft Security Advisory 2974294

    Vendor Information
    Microsoft
    https://technet.microsoft.com/en-US/...curity/2974294

    References
    Microsoft
    https://technet.microsoft.com/en-US/...curity/2974294

    Security Tracker
    http://www.securitytracker.com/id/1030438

    Cisco
    http://tools.cisco.com/security/cent...?alertId=34637
Working...
X