Critical flaw that let hackers remotely access PCs patched by Microsoft

Microsoft has patched a critical flaw in its Malware Protection Engine that allowed hackers to remotely gain access to computers.

The critical flaw was reported to Microsoft by Google’s Project Zero team and was quietly patched by the software giant last week.

Microsoft Security Essentials is an anti-malware programme and is part of Microsoft’s Windows 10 and Windows 10 Creators Update operating systems. A critical flaw in the programme allowed hackers to achieve remote code execution, which in turn allowed them to infiltrate systems.

The flaw was first discovered by Google’s Project Zero team and was patched by Microsoft on May 24. “MsMpEng includes a full system x86 emulator that is used to execute any untrusted files that look like PE executables. The emulator runs as NT AUTHORITY\SYSTEM and isn’t sandboxed,” noted Tavis Ormandy, a member of Google’s Project Zero team.

Ormandy also mentioned in his blog that Microsoft had quietly patched the flaw on May 24, but did not comment on whether the flaw had been exploited by hackers.

The news comes not long after Microsoft fixed a critical flaw in Windows Defender which allowed hackers to use the anti-virus engine itself to install malware on affected PCs. That vulnerability was present in various iterations of Microsoft’s own anti-malware engine. These engines are installed by default on all Windows 8, 8.1, 10, and Windows Server 2012 PCs across the world and include the likes of Windows Defender, Microsoft System Center Endpoint Protection, Microsoft Security Essentials and Microsoft Endpoint Protection.

“The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system,” said Microsoft’s security team.

Earlier this month, a flawed security update to Webroot, an antivirus programme for Windows, impacted Windows computers running all versions of the operating system. The flawed antivirus update identified Windows programmes and other legitimate apps as malware and shut them down, thereby crippling computers around the globe.

Copyright Lyonsdown Limited 2021