{"id":254727,"date":"2018-04-04T16:46:31","date_gmt":"2018-04-04T14:46:31","guid":{"rendered":"https:\/\/mybroadband.co.za\/news\/?p=254727"},"modified":"2018-04-04T16:48:38","modified_gmt":"2018-04-04T14:48:38","slug":"microsoft-patches-remote-code-execution-flaw-in-windows-defender","status":"publish","type":"post","link":"https:\/\/mybroadband.co.za\/news\/security\/254727-microsoft-patches-remote-code-execution-flaw-in-windows-defender.html","title":{"rendered":"Microsoft patches remote code execution flaw in Windows Defender"},"content":{"rendered":"<p>Microsoft has patched a critical security vulnerability in Windows Defender, which could allow an attacker to execute arbitrary code on a system.<\/p>\n<p>The attack required a specific file to be scanned by the\u00a0Microsoft Malware Protection Engine, that then led to memory corruption.<\/p>\n<p>The attacker could remotely execute code in the security context of the LocalSystem account, allowing them to take control of the system.<\/p>\n<p>&#8220;There are many ways that an attacker could place a specially crafted file in a location that is scanned by the engine,&#8221; said the company.<\/p>\n<p>&#8220;An attacker could use a website to deliver a file to the victim&#8217;s system&#8230; [or] via an email message, or in an instant messenger message.&#8221;<\/p>\n<p>If a user&#8217;s real-time protection is turned on, the Microsoft Malware Protection Engine will scan files automatically, leading to exploitation of the vulnerability.&#8221;<\/p>\n<p>Microsoft&#8217;s patch addresses the vulnerability by correcting the way the Protection Engine scans these files.<\/p>\n<p>The flaw affected the older Microsoft Security Essentials program, and the Defender service from Windows 7 to Windows 10.<\/p>\n<p>Other Microsoft products affected included Microsoft Exchange Server 2013 and 2016.<\/p>\n<h3 class=\"my-4\">Now read:\u00a0<a href=\"https:\/\/mybroadband.co.za\/news\/software\/253681-windows-10-is-almost-at-50-adoption.html\">Windows 10 is almost at 50% adoption<\/a><\/h3>\n","protected":false},"excerpt":{"rendered":"<p>Microsoft has patched a critical security vulnerability in Windows Defender.<\/p>\n","protected":false},"author":23,"featured_media":206794,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[27],"tags":[123,807,43062],"class_list":["post-254727","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-security","tag-microsoft","tag-windows","tag-windows-defender"],"_links":{"self":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/254727"}],"collection":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/users\/23"}],"replies":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/comments?post=254727"}],"version-history":[{"count":2,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/254727\/revisions"}],"predecessor-version":[{"id":254733,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/posts\/254727\/revisions\/254733"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media\/206794"}],"wp:attachment":[{"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/media?parent=254727"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/categories?post=254727"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mybroadband.co.za\/news\/wp-json\/wp\/v2\/tags?post=254727"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}