Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Vulnerability in Microsoft Malware Protection Engine Could Allow DOS


  • Please log in to reply
4 replies to this topic

#1 quietman7

quietman7

    Bleepin' Janitor


  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:03 AM

Posted 17 June 2014 - 05:02 PM

Vulnerability in Microsoft Malware Protection Engine Could Allow DOS

Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft. The vulnerability could allow denial of service if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the specially crafted file is manually removed and the service is restarted.

The Microsoft Malware Protection Engine ships with several Microsoft antimalware products. See the Affected Software section for a list of affected products.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

BC AdBot (Login to Remove)

 


m

#2 palerider2

palerider2

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:03 PM

Posted 17 June 2014 - 08:35 PM

I was amazed to learn that there are 13 affected products. That's a lot of products to have simultaneously.

 

I read the advisory to see if further information was provided about what led to the timeout within the engine. Unfortunately, that information isn't there.


Edited by palerider2, 17 June 2014 - 08:44 PM.


#3 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:03 AM

Posted 17 June 2014 - 08:56 PM

The vulnerability is caused when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout.


.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif

#4 palerider2

palerider2

  • Members
  • 133 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:03 PM

Posted 18 June 2014 - 02:33 AM

 

The vulnerability is caused when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to a scan timeout.

 

 

Yes, I read that to mean that the specially-crafted file interferes with the Engine somehow. The particular mechanism isn't stated, in this case but I wondered whether it was a buffer overrun, for example.

 

If I recall correctly, this is a vulnerability that hasn't actually been used by anybody.



#5 quietman7

quietman7

    Bleepin' Janitor

  • Topic Starter

  • Global Moderator
  • 50,606 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Virginia, USA
  • Local time:06:03 AM

Posted 18 June 2014 - 12:44 PM

Lack of specific details is typical of many security advisories provided by Microsoft.
.
.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015 kO7xOZh.gif
Member of UNITE, Unified Network of Instructors and Trusted Eliminators

If I have been helpful & you'd like to consider a donation, click 38WxTfO.gif




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users