Flaw in MS Malware Protection Engine puts users at risk
The latest update to the Microsoft Malware Protection Engine includes a patch for a vulnerability that could allow an elevation of privilege if the Engine performs a scan of the system after an attacker with valid logon credentials has created a specially crafted registry key.
Granted, the vulnerability cannot be exploited by an anonymous user, so the likelihood of it being exploited in the wild has been and is rather slim.
Unfortunately, the Engine is an integral part of various anti-malware products made by Microsoft – including its Security Essentials solution and its Malicious Software Removal Tool – so a speedy update of the malware definitions for the affected products is advised, since the update for the Engine is bundled up with them.
“Administrators of enterprise installations should follow their established internal processes to ensure that the definition and engine updates are approved in their update management software, and that clients consume the updates accordingly,” warns Microsoft. According to the advisory, server side anti-malware products are not affected by the flaw.