Microsoft has released a security advisory to combat vulnerability in the Microsoft Malware Protection Engine. The issue occurs when the Microsoft Malware Protection Engine does not accurately scan a specially crafted file, leading to a scan timeout.
How can it affect? Exploitation of this vulnerability can allow a hacker to cause denial of service attack. The vulnerability can allow denial of service if the Microsoft Malware Protection Engine scans a specially crafted malicious file. An attacker who can successfully exploit this vulnerability could easily monitor the affected systems until the specially crafted file is manually removed and the service is restarted.
Here is the list of affected software:
- Microsoft Forefront Client Security
- Microsoft Forefront Endpoint Protection 2010
- Microsoft Forefront Security for SharePoint Service Pack 3
- Microsoft System Center 2012 Endpoint Protection
- Microsoft System Center 2012 Endpoint Protection Service Pack 1
- Microsoft Malicious Software Removal Tool[1]
- Microsoft Security Essentials
- Microsoft Security Essentials Prerelease
- Windows Defender for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2
- Windows Defender for Windows RT and Windows RT 8.1
- Windows Defender for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
- Windows Defender Offline
- Windows Intune Endpoint Protection
An update is available for the following affected software:
- Microsoft Forefront Client Security
- Microsoft Forefront Endpoint Protection 2010
- Microsoft Forefront Security for SharePoint Service Pack 3
- Microsoft System Center 2012 Endpoint Protection
- Microsoft System Center 2012 Endpoint Protection Service Pack 1
- Microsoft Malicious Software Removal Tool (Applies only to May 2014 or earlier versions)
- Microsoft Security Essentials
- Microsoft Security Essentials Prerelease
- Windows Defender for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
- Windows Defender Offline
- Windows Intune Endpoint Protection
As a user, you should verify that the latest version of the Microsoft Malware Protection Engine and definition updates are being actively downloaded and installed to stay protected from such attacks.
For more information on the same visit the Microsoft website