Microsoft released a“denial of service vulnerability”fixes-bug warning-the black bar safety net

ID MYHACK58:62201450128
Type myhack58
Reporter 佚名
Modified 2014-06-23T00:00:00


In patch 5 9 IE vulnerability after Microsoft finally for its security software to plug a security vulnerability. It is reported that the vulnerability may be in use“Malware Protection engine”(Malware Protection Engine)to scan when triggered. Then, the attacker can use it to launch denial of service(DoS)attacks, unless the file is deleted and restarted.

Microsoft the patch set into“important”level.

Although an attacker to achieve a successful attack, requires from the user some interaction(such as downloading an attachment and opening), can be given that the majority of the user's skill level and safety awareness, unpatched systems are still will face great risks.

Affected by the vulnerability of software, including Microsoft Forefront Client Security, Microsoft Forefront Endpoint Protection 2 0 1 0, Microsoft Forefront Security for SharePoint Service Pack 3, Microsoft System Center 2 0 1 2 Endpoint Protection, Microsoft Malicious Software Removal Tool, and Windows Intune Endpoint Protection, Microsoft Security Essentials and Windows Defender, the last one, but with the latest Microsoft OS together with pre-installed, the impact is also the most widely.

Although Microsoft through the“automatic updates”to upgrade the software definitions database and engine, but the user is still best to see your“Malware Protection engine”, whether the version has been upgraded to 1. 1. 1 0 7 0 1. 0 and above.