Wednesday, 19 September, 2018

Microsoft patches major Windows security vulnerability

Frank Williams | 10 May, 2017, 00:12

Microsoft also said that on latest Windows platforms, the risk of exploitation should be lower if the user has turned on Windows CFG (Control Flow Guard), a security feature that can make exploitation of memory-based vulnerabilities much harder.

Microsoft Security Advisory 4022344 provides more details of the issue and a fix for the Microsoft Malware Protection Engine, the component at the heart of the problem.

According to a Microsoft advisory, the first version of the Microsoft Malware Protection Engine affected by this flaw is v1.1.13701.0.

Designed, ironically, to protect Windows systems against malware attack, the Malware Protection Engine (MPE) comes loaded into Windows by default in the guise of Windows Defender or Security Essentials, while corporate users may know it under the names Forefront Endpoint Protection, Microsoft Endpoint Protection, Forefront Security for SharePoint, System Center Endpoint Protection, or Windows Intune Endpoint Protection.

The flaw had been described as "crazy bad" by Tavis Ormandy, a security researcher at Google's Project Zero, who uncovered the flaw alongside fellow researcher Natalie Silvanovich.

So, for example, you could get a malware-laden email and not even read it (let alone go near an attachment), and still be hit by the exploit because the malware protection engine will automatically scan it and trigger it - all in the background while you remain blissfully unaware.


As Engadget reports, you can check if the issue is fixed on your PC simply by looking at the engine version number of Windows Defender: it should be version 1.1.13704.0 or higher.
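The version check described above can be scripted for a fleet. The following is an added example, not code from Microsoft or from the article: it assumes engine versions are available as strings (from an inventory export, or locally via the Defender module's `Get-MpComputerStatus` cmdlet), and the host names and inventory rows are constructed sample data.

```powershell
# Threshold taken from the article: engine 1.1.13704.0 or higher carries the fix.
$FixedEngine = [version]'1.1.13704.0'

function Test-MpEngineFixed {
    param([Parameter(Mandatory)][string]$EngineVersion)

    # Parse into System.Version so each component is compared numerically.
    # A plain string comparison would rank '1.1.9999.0' above '1.1.13704.0'.
    $parsed = $null
    if (-not [version]::TryParse($EngineVersion.Trim(), [ref]$parsed)) {
        return 'unknown'        # unparsable value: flag for manual review
    }
    if ($parsed -ge $FixedEngine) { 'fixed' } else { 'needs-update' }
}

# Constructed inventory rows (sample data, not real hosts).
$inventory = @(
    [pscustomobject]@{ Host = 'ws-01'; Engine = '1.1.13704.0' }
    [pscustomobject]@{ Host = 'ws-02'; Engine = '1.1.13701.0' }
    [pscustomobject]@{ Host = 'ws-03'; Engine = '1.1.9999.0'  }
    [pscustomobject]@{ Host = 'ws-04'; Engine = 'n/a'         }
)

$inventory |
    Select-Object Host, Engine,
        @{ Name = 'Status'; Expression = { Test-MpEngineFixed $_.Engine } } |
    Format-Table -AutoSize

# Check the local machine when the Defender cmdlets are present.
if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
    $local = [string](Get-MpComputerStatus).AMEngineVersion
    [pscustomobject]@{
        Host   = $env:COMPUTERNAME
        Engine = $local
        Status = Test-MpEngineFixed $local
    }
}
```

Hosts reported as `needs-update` or `unknown` are the ones to follow up on with a manual engine update.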

Google Project Zero researcher Tavis Ormandy has a long legacy of finding unknown, critical software vulnerabilities to his credit.

Today, the company published a new white paper, Evolution of malware prevention, that explains how Windows Defender uses next generation technologies to analyze malicious signals.

The Malware Protection Center on the Microsoft website offers information on updating Microsoft antimalware products manually.

Vulnerabilities in MsMpEng are among the most severe possible in Windows, due to the privilege, accessibility, and ubiquity of the service.

The Google researchers found that MsMpEng contains a component called NScript that analyses any filesystem or network activity that looks like JavaScript. Mpengine is a vast and complex attack surface, comprising handlers for dozens of esoteric archive formats, executable packers and cryptors, full system emulators and interpreters for various architectures and languages, and so on. "This is as surprising as it sounds", the bug report says.
