Administrators of enterprise installations should follow their established internal processes to ensure that the definition and engine updates are approved in their update management software, and that clients consume the updates accordingly.
Updates to the Microsoft Malware Protection Engine are installed along with the updated malware definitions for the affected products. See the Affected Software section for a list of affected products. The Microsoft Malware Protection Engine is a part of several Microsoft antimalware products. This vulnerability has been publicly disclosed as a denial of service. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take complete control of the system. The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. Microsoft is releasing this security advisory to help ensure customers are aware that an update to the Microsoft Malware Protection Engine also addresses a security vulnerability reported to Microsoft. Version: 1.0 General Information Executive Summary Security Advisory Microsoft Security Advisory 2846338 Vulnerability in Microsoft Malware Protection Engine Could Allow Remote Code Execution
0 kommentar(er)
