*Subject:* Alert - Microsoft Security Advisory 2974294 Released
What is the purpose of this alert? This alert is to notify you that Microsoft has released Security Advisory 2974294 - *Vulnerability in Microsoft Malware Protection Engine Could Allow Denial of Service - *on June 17, 2014. *Summary* Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft. The vulnerability could allow denial of service if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the specially crafted file is manually removed and the service is restarted. The Microsoft Malware Protection Engine ships with several Microsoft antimalware products. See the Affected Software section for a list of affected products. Updates to the Microsoft Malware Protection Engine are installed along with the updated malware definitions for the affected products. Administrators of enterprise installations should follow their established internal processes to ensure that the definition and engine updates are approved in their update management software, and that clients consume the updates accordingly. Typically, no action is required of enterprise administrators or end users to install updates for the Microsoft Malware Protection Engine, because the built-in mechanism for the automatic detection and deployment of updates will apply the update within 48 hours of release. The exact time frame depends on the software used, Internet connection, and infrastructure configuration. *Affected Software* The following software is affected by the vulnerability *Antimalware Software* *Severity* *Impact* Microsoft Forefront Client Security Important Denial of Service Microsoft Forefront Endpoint Protection 2010 Important Denial of Service Microsoft Forefront Security for SharePoint Service Pack 3 Important Denial of Service Microsoft System Center 2012 Endpoint Protection Important Denial of Service Microsoft System Center 2012 Endpoint Protection Service Pack 1 Important Denial of Service Microsoft Malicious Software Removal Tool – (May 2014 or earlier versions) Important Denial of Service Microsoft Security Essentials Important Denial of Service Microsoft Security Essentials Prerelease Important Denial of Service Windows Defender for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2 Important Denial of Service Windows Defender for Windows RT and Windows RT 8.1 Important Denial of Service Windows Defender for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2 Important Denial of Service Windows Defender Offline Important Denial of Service Windows Intune Endpoint Protection Important Denial of Service *Last version of the Microsoft Malware Protection Engine affected by this vulnerability*: Version 1.1.10600.0 *First version of the Microsoft Malware Protection Engine with this vulnerability addressed*: Version 1.1.10701.0* *If your version of the Microsoft Malware Protection Engine is equal to or greater than this version, then you are not affected by this vulnerability and do not need to take any further action. For more information on how to verify the engine version number that your software is currently using, see the section, "Verifying Update Installation", in Microsoft Knowledge Base Article 2510781. *Recommendations* Review Microsoft Security Advisory 2974294 for an overview of the issue, details on affected components, suggested actions, frequently asked questions (FAQ), and links to additional resources. Customers who believe they are affected can contact Customer Service and Support by using any method found at this location: http://www.microsoft.com/security/default.aspx . *Additional Resources* · Microsoft Security Advisory 2974294 – *Vulnerability in Microsoft Malware Protection Engine Could Allow Denial of Service - * https://technet.microsoft.com/library/security/2974294 · Microsoft Security Response Center (MSRC) Blog: http://blogs.technet.com/msrc · Microsoft Malware Protection Center (MMPC) Blog: http://blogs.technet.com/mmpc · Security Research & Defense (SRD) Blog: http://blogs.technet.com/srd *Regarding Information Consistency* We strive to provide you with accurate information in static (this mail) and dynamic (web-based) content. Microsoft’s security content posted to the web is occasionally updated to reflect late-breaking information. If this results in an inconsistency between the information here and the information in Microsoft’s web-based security content, the information in Microsoft’s web-based security content is authoritative. If you have any questions regarding this alert please contact your Technical Account Manager.
