Bug In Microsoft’s Anti-Malware Software Enabled The Execution Of Malware

Microsoft has rushed to patch a flaw in its Windows anti-malware software that ironically could be exploited to enable malware to be installed on vulnerable computers.

The bug, which was reported by two researchers from Google's Project Zero cyber security team, was found to enable files with custom code to be executed when scanned by products in Microsoft’s anti-malware portfolio, which includes Microsoft Security Essentials, Windows Defender, and Microsoft Endpoint Protection.

Through this code injection attack, hackers can gain administrative privileges over a machine running Windows 8, 8.1, 10 and Windows Server 2012.

“If the affected anti-malware software has real-time protection turned on, the Microsoft Malware Protection Engine will scan files automatically, leading to exploitation of the vulnerability when the specially crafted file is scanned,” Microsoft’s security advisory warned.

“An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system.”

Bug bashing

The Redmond company rapidly patched the bug in an emergency update, which looks to close the security hole within 48 hours.

However, the flaw, which essentially bypassed the one job the anti-malware software was meant to do, will not have painted Microsoft’s security engineers in a good light.

“I think and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way,” tweeted Tavis Ormandy, one of the security researchers who discovered the bug.

“Vulnerabilities in MsMpEng [the Microsoft malware protection service enabled by default in modern Windows] are among the most severe possible in Windows, due to the privilege, accessibility, and ubiquity of the service,” Ormandy noted on the Project Zero site.

While Microsoft can be commended for hurrying out a fix for the bug, which thus far does not look to have been exploited out in the wild, it has been caught with a fairly embarrassing software flaw.

Nevertheless, bugs are commonplace in even the most robust software, with closed ecosystems like Apple’s macOS suffering from the odd security-compromising bug.


Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.
