
Microsoft Releases Emergency Patches for Windows Zero-Day Bugs that are 'Crazy Bad'


Microsoft has rapidly released a patch to combat the severe zero-day vulnerability discovered a few days ago.

On Monday night, the Redmond giant issued a security advisory for CVE-2017-0290, a remote code execution flaw affecting the Windows operating system.

The vulnerability was disclosed over the weekend by Google Project Zero security experts Natalie Silvanovich and Tavis Ormandy.

On Twitter, Ormandy, a leading vulnerability hunter, revealed a zero-day flaw in the Microsoft Malware Protection Engine (MsMpEng), which is used by Windows Defender and other security products.

The researchers consider the find a "crazy bad" bug that may be a "remote Windows remote exec error in recent memory."

Ormandy did not reveal anything else at the time, in order to give Microsoft time to fix the scripting engine memory corruption vulnerability after it was reported privately.

The built-in deployment and scanning system in Microsoft products will roll the patch out automatically over the next 48 hours, and more details have now been disclosed.

The vulnerability allows an attacker to execute code remotely if the Microsoft Malware Protection Engine scans a specially crafted file. When the flaw is successfully exploited, an attacker can work their way into the LocalSystem account and hijack the whole system.

With such power, they have full control to install or uninstall programs, steal information, create new accounts with full user rights and download additional malware.

The Project Zero team says that the vulnerability can be exploited against a victim simply by sending an email to the user, without the victim needing to open the message or download attachments. Attacks can also be delivered through visits to malicious websites or through instant messaging.

According to Ormandy, the vulnerability can not only be exploited against default systems, but is also "wormable." In other words, malware that uses the exploit can replicate itself and spread beyond the target system.

"The vulnerability in MsMpEng is among the most severe in Windows, due to privileges, accessibility, and usability of services," the team said.

"If the affected antimalware software has enabled real-time protection, the Microsoft Malware Protection Engine will scan files automatically, causing vulnerability exploits when the specially created files are scanned," Microsoft said. "If real-time scanning is not enabled, an attacker will need to wait until a scheduled scan occurs so that the vulnerability can be exploited."

Microsoft Forefront Endpoint Protection 2010, Microsoft Endpoint Protection, Microsoft Forefront Security for SharePoint Service Pack 3, Microsoft System Center Endpoint Protection, Microsoft Security Essentials, Windows Defender for Windows 7, Windows Defender for Windows 8.1 and RT 8.1, Windows Defender for Windows 10, Windows 10 1511, Windows 10 1607, Windows Server 2016, Windows 10 1703, and Windows Intune Endpoint Protection are all affected.

However, Microsoft told the Project Zero team that the Control Flow Guard (CFG) security feature lowers the risk of compromise on some of the latest platforms where this feature is enabled.

Ormandy praised Microsoft for how quickly emergency patches were issued, saying that he was "stunned at how quickly @msftsecurity responded to users, unable to give enough praise."

Microsoft says there are no reports of the issue being exploited in the wild. System administrators do not need to act because Microsoft's internal system will push engine updates to vulnerable systems, but the update can also be applied manually for a faster fix.