MS Security Advisory 4022344: Security Update for Microsoft Malware Protection Engine

The version of Microsoft Malware Protection Engine MMPE installed on the remote Windows host is prior to 1.1.13704.0. It is, therefore, affected by a remote code execution vulnerability in the NScript component in mpengine.dll due to a type confusion error. An unauthenticated, remote attacker can...

KLA11029 Multiple vulnerabilities in the Microsoft Malware Protection Engine

Multiple serious vulnerabilities have been found in Microsoft Malware Protection Engine. Malicious users can exploit these vulnerabilities to cause a denial of service and execute arbitrary code. Below is a complete list of vulnerabilities: 1. Multiple vulnerabilities related to an improper...

Microsoft Issues Emergency Patch For Critical RCE in Windows Malware Scanner

Microsoft's own antivirus software made Windows 7, 8.1, RT and 10 computers, as well as Windows Server 2016 more vulnerable. Microsoft has just released an out-of-band security update to patch the crazy bad bug discovered by a pair of Google Project Zero researchers over the weekend. Security...

Microsoft Malware Protection Engine Remote Code Execution Vulnerability

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSyste...

Microsoft Releases Critical Security Update

Microsoft has released a critical out-of-band security update addressing a vulnerability in the Microsoft Malware Protection Engine. A remote attacker could exploit this vulnerability to take control of an affected system. Users and administrators are encouraged to review Microsoft Security...

Symantec Protection Engine 7.0.x < 7.0.5 HF02 / 7.5.x < 7.5.5 HF01 / 7.8.x < 7.8.0 HF03 Multiple DoS (SYM16-015)

The version of Symantec Protection Engine SPE installed on the remote Windows host is 7.0.x prior to 7.0.5 hotfix 02, 7.5.x prior to 7.5.5 hotifx 01, or 7.8.x prior to 7.8.0 hotifx 03. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of service vulnerability...

Symantec Protection Engine 7.0.x < 7.0.5 HF02 / 7.5.x < 7.5.5 HF01 / 7.8.x < 7.8.0 HF03 Multiple DoS (SYM16-015) (Linux)

The version of Symantec Protection Engine SPE installed on the remote Linux host is 7.0.x prior to 7.0.5 hotfix 02, 7.5.x prior to 7.5.5 hotifx 01, or 7.8.x prior to 7.8.0 hotifx 03. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of service vulnerability...

Symantec Protection Engine 7.0.x < 7.0.5 HF01 / 7.5.x < 7.5.3 HF03 / 7.8.x < 7.8.0 HF01 Multiple Vulnerabilities (SYM16-010)

The version of Symantec Protection Engine installed on the remote host is 7.0.x prior to 7.0.5 HF01, 7.5.x prior to 7.5.3 HF03, or 7.8.x prior to 7.8.0 HF01. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the Unpack::ShortLZ function within file...

Symantec Protection Engine Detection

Binary data symantecprotectionengine.nbin...

Symantec Protection Engine 7.0.x < 7.0.5 HF01 / 7.5.x < 7.5.3 HF03 / 7.8.x < 7.8.0 HF01 Multiple Vulnerabilities (SYM16-010) (*nix check)

The version of Symantec Protection Engine installed on the remote host is 7.0.x prior to 7.0.5 HF01, 7.5.x prior to 7.5.3 HF03, or 7.8.x prior to 7.8.0 HF01. It is, therefore, affected by multiple vulnerabilities : - An array indexing error exists in the Unpack::ShortLZ function within file...

Buffer overflow

Buffer overflow in Dec2LHA.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection ATP; Symantec Data Center Security:Server SDCS:S 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection SEP before 12.1 RU6 MP5; Symantec Endpoint Protection SEP for Mac;...

Memory corruption

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ATP; Symantec Data Center Security:Server SDCS:S 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection SEP before 12.1 RU6 MP5; Symantec Endpoint Protection SEP for Mac; Symantec Endpoint Protection SEP for...

Memory corruption

The AntiVirus Decomposer engine in Symantec Advanced Threat Protection ATP; Symantec Data Center Security:Server SDCS:S 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection SEP before 12.1 RU6 MP5; Symantec Endpoint Protection SEP for Mac; Symantec Endpoint Protection SEP for...

Buffer overflow

Buffer overflow in Dec2SS.dll in the AntiVirus Decomposer engine in Symantec Advanced Threat Protection ATP; Symantec Data Center Security:Server SDCS:S 6.x through 6.6 MP1; Symantec Web Gateway; Symantec Endpoint Protection SEP before 12.1 RU6 MP5; Symantec Endpoint Protection SEP for Mac;...

Symantec Decomposer Engine Multiple Parsing Vulnerabilities

SUMMARY Symantec is aware of buffer overflow and memory corruption findings in the AntiVirus Decomposer engine used in various configurations by multiple Symantec products. FAQ on Impact to Symantec Products: AFFECTED PRODUCTS Affected Enterprise Products Product | Version | Solutions ---|---|---...

Microsoft released a“denial of service vulnerability”fixes-bug warning-the black bar safety net

In patch 5 9 IE vulnerability after Microsoft finally for its security software to plug a security vulnerability. It is reported that the vulnerability may be in use“Malware Protection engine”Malware Protection Engineto scan when triggered. Then, the attacker can use it to launch denial of...

CVE-2014-2779

mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 allows remote attackers to cause a denial of service system hang via a crafted file...

Design/Logic Flaw

mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 allows remote attackers to cause a denial of service system hang via a crafted file...

CVE-2014-2779

mpengine.dll in Microsoft Malware Protection Engine before 1.1.10701.0 allows remote attackers to cause a denial of service system hang via a crafted file...

CVE-2014-2779

CVE-2014-2779 affects the Microsoft Malware Protection Engine (MMPE) prior to version 1.1.10701.0. A crafted file can cause the MMPE to stop monitoring, leading to a denial of service (system hang). The vulnerability is exploitable remotely over the network. Mitigation is to update MMPE to versio...