When Malware Protection Needs Malware Protection
An update has been released by Microsoft to fix a major vulnerability in the remote code execution (RCE) of its Malware Protection Engine.
According to the CVE-2017-11937 security update, Microsoft believes that the MPE could be tricked into scanning a specially crafted file that would lead to a memory corruption bug. Any hacker who used this exploit could execute code to take total control of the system.
At the time of the writing of this article, Microsoft believes they caught this exploit before it was manipulated in the wild. The update should be available automatically through Windows Update. It’s recommended that you run updates on all the devices that could be affected. For more information, view Microsoft’s Security update.
A Better Way to Patch
Syxsense takes the security of endpoints very seriously. This is why we developed a cloud-based, IT management solution capable of managing anything, anytime.
Come explore our comprehensive Patch Manager and start a free trial today!
Start a Free Trial
Start a free, 14-day trial of Syxsense, which helps organizations from 50 to 10,000 endpoints monitor and manage their environment, all from just a web browser. An email will be automatically sent to the address you provide.