Bug In Microsoft’s Anti-Malware Software Enabled The Execution Of Malware

Microsoft has rushed to patch a flaw in its Windows anti-malware software that ironically could be exploited to enable malware to be installed on vulnerable computers.

The bug, which was reported by two researchers from Google#s Project Zero cyber security team, was found to enable files with custom code to be executed when scanned by products in Microsoft’s anti-malware portfolio, which includes Microsoft Security Essentials, Windows Defender, and Microsoft Endpoint Protection.

From this code injection attack, hackers can gain administrative privileges over a machine running Windows 8, 8,1, 10 and Windows Server 2012.

“If the affected anti-malware software has real-time protection turned on, the Microsoft Malware Protection Engine will scan files automatically, leading to exploitation of the vulnerability when the specially crafted file scanned,” Microsoft’s security advisory warned.

“An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system.”

Bug bashing

The Redmond company rapidly patched the bug in an emergency update, which looks to close the security hole within 48 hours.

However, the flaw which essentially bypassed the one job the anti-malware software was meant to do, will not have painted Microsoft’s security engineers in a good light.

“I think and I just discovered the worst Windows remote code exec in recent memory. This is crazy bad. Report on the way,” tweeted Travis Ormandy, one of the security researchers that discovered the bug.

“Vulnerabilities in MsMpEng [the Microsoft malware protection service enabled by default in modern Windows]  are among the most severe possible in Windows, due to the privilege, accessibility, and ubiquity of the service,” Ormandy noted on the Project Zero site.

While Microsoft can be commended for hurrying out a fix for the bug, which thus far does not look to have been exploited out in the wild, it has been caught with a fairly embarrassing software flaw.

Nevertheless, bugs are commonplace in even the most robust software, with closed ecosystems like Apple’s macOS suffering from the odd security compromising bug.

Are you a security pro? Try our quiz!

Roland Moore-Colyer

As News Editor of Silicon UK, Roland keeps a keen eye on the daily tech news coverage for the site, while also focusing on stories around cyber security, public sector IT, innovation, AI, and gadgets.

Recent Posts

Craig Wright Sentenced For Contempt Of Court

Suspended prison sentence for Craig Wright for “flagrant breach” of court order, after his false…

2 days ago

El Salvador To Sell Or Discontinue Bitcoin Wallet, After IMF Deal

Cash-strapped south American country agrees to sell or discontinue its national Bitcoin wallet after signing…

2 days ago

UK’s ICO Labels Google ‘Irresponsible’ For Tracking Change

Google's change will allow advertisers to track customers' digital “fingerprints”, but UK data protection watchdog…

2 days ago

EU Publishes iOS Interoperability Plans

European Commission publishes preliminary instructions to Apple on how to open up iOS to rivals,…

3 days ago

Momeni Convicted In Bob Lee Murder

San Francisco jury finds Nima Momeni guilty of second-degree murder of Cash App founder Bob…

3 days ago