Microsoft modifies open-source code, blows hole in Windows Defender

https://www.theregister.co.uk/2018/04/04/microsoft_windows_defender_rar_bug/

        A remote-code execution vulnerability in Windows Defender - a
        flaw that can be exploited by malicious .rar files to run
        malware on PCs - has been traced back to an open-source
        archiving tool Microsoft adopted for its own use. The bug,
        CVE-2018-0986, was patched on Tuesday in the latest version of
        the Microsoft Malware Protection Engine (1.1.14700.5) in
        Windows Defender, Security Essentials, Exchange Server,
        Forefront Endpoint Protection, and Intune Endpoint Protection.
        This update should be installed, or may have been
        automatically installed already on your device.

 - - -

--Lauren--
Lauren Weinstein (lau...@vortex.com): https://www.vortex.com/lauren 
Lauren's Blog: https://lauren.vortex.com
Google Issues Mailing List: https://vortex.com/google-issues
Founder: Network Neutrality Squad: https://www.nnsquad.org 
         PRIVACY Forum: https://www.vortex.com/privacy-info
Co-Founder: People For Internet Responsibility: https://www.pfir.org/pfir-info
Member: ACM Committee on Computers and Public Policy
Google+: https://google.com/+LaurenWeinstein
Twitter: https://twitter.com/laurenweinstein
Tel: +1 (818) 225-2800
_______________________________________________
nnsquad mailing list
https://lists.nnsquad.org/mailman/listinfo/nnsquad

Reply via email to