Microsoft fixes security flaw in malware protection engine

The Malware Protection Engine is used in Windows Live OneCare, Microsoft Security Essentials, Windows Defender, Forefront Client Security, Forefront Endpoint Protection 2010, and the Microsoft Malicious Software Removal Tool.

The vulnerability could allow elevation of privilege if the Microsoft Malware Protection Engine scans a system after an attacker with valid logon credentials has created a specially crafted registry key, the company said in a security advisory.

The security update has been pushed out to users of Microsoft's security products via the company's automatic update to patch the elevation of privilege vulnerability.

Microsoft said the update would have been automatic for enterprises, providing administrators had ensured that definition and engine updates were approved in their update management software.

"Since the Microsoft Malware Protection Engine is a part of several Microsoft anti-malware products, the update to the Microsoft Malware Protection Engine is installed along with the updated malware definitions for the affected products," the company said.

Microsoft claims there have been no exploits of the flaw, which was reported to the company by an independent security researcher.

Version 1.1.6502.0 is the latest version of the Microsoft Malware Protection Engine affected by this vulnerability, which is fixed from version 1.1.6603.0.

This story was first published by Computer Weekly

What’s hot on Infosecurity Magazine?