Microsoft Patches Critical RCE Bug in Windows Defender

June 27, 2017
By Marcos Colon

Computing giant Microsoft has once again patched a critical vulnerability in its Windows antivirus tool.

On Friday, the company addressed a remote code execution vulnerability in Windows Defender which could have been exploited without any user interaction, according to a report by CSO Online.

Discovered by Google Project Zero's Tavis Ormandy on June 7, the flaw was not being exploited at the time. He went public with his technical report on the flaw on June 23, after Microsoft released a patch to fix it. Before sending it off to Microsoft, Ormandy encrypted the proof-of-concept demo file to prevent crashing Microsoft's email servers.

"Note that as soon as the testcase.txt file touches disk, it will immediately crash the MsMPEng service on Windows, which may destabilize your system," Ormandy. "The testcases have been encrypted to prevent crashing your exchange server."

prestitial ad