Home
Tech info
Technology
Science
Life
Application
Electric
Program
Mobile
Windows 10
Windows 11Microsoft released an emergency security patch for a serious vulnerability
If you are using Windows OS, install this security patch now.
Microsoft has released an emergency security patch to fix the RCE (Remote Code Execution) error on the Malware Protection Engine (MPE), allowing an attacker to execute remote code and gain control of the victim's computer.
Enabled by default, Microsoft Malware Protection Engine provides basic security features (such as scanning, detecting, deleting) for Microsoft antivirus and anti-malware software.
See also: 10 most effective antivirus software for Windows 2017
According to Microsoft, the vulnerability affects many of its security software, including Windows Defender and Microsoft Security Essentials, along with Endpoint Protection, Forefront Endpoint Protection and Exchane Server 2013 and 2016, Windows 7, Windows 8.1, Windows 10, Windows RT 8.1 and Windows Server.
Install Windows security patch now to not be hacked
The code is CVE-2017-11937, this vulnerability is actually caused by the memory failure when the Malware Protection Engine scans for fake files to detect vulnerabilities.
The vulnerability allows hackers to take control of the PC
Microsoft said the attacker placed the infected file in a location, then scanned the Malware Protection Engine for memory errors and allowed remote code execution on the LocalSystem account and took control of the target machine.
"There are many ways to place this file, such as using a website that users access," Microsoft explained. Other ways can be email, chat applications. The attacker can also "take advantage of the website to approve or store the content the user provides to upload the file to a common location, then the Malware Protection Engine scans the host server and gets an error."
Download the security patch now
Microsoft assured customers that the vulnerability was fixed before any attack. They have released security updates and recommend patching as soon as possible. Most users can receive automatic emergency patches.
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11937
This vulnerability was commanded by British National Network Security Center (NCSC), GCHQ's network security organization, and discovered and reported by the Department. The patch also came a few days before Microsoft released a Patch Tuesday patch for December.
See also: Microsoft released an updated patch for 25 critical security holes
Isabella HumphreyYou should read it
- The best antivirus protection for Windows 10 in 2020
- How to fix BlueKeep security error for Windows 2003, Windows XP, Windows 7, Windows Server 2008
- Windows 7 users need to install Microsoft patches immediately to fix BlueKeep security errors
- Microsoft released an updated patch for 25 critical security holes
- Microsoft released a patch for 75 critical vulnerabilities on Windows 7 / 8.1 / 10, asking users to install
- Microsoft is preparing to release a series of new security holes
- Microsoft fixes 8 critical vulnerabilities
- Enhance Windows security with Panda Gold Protection
May be interested
- Apple patched many zero-day bugs in iOS 15.4.1 and macOS 12.3.1 updates
apple has simultaneously released new versions of their software to update features, fix bugs and patch security holes. - Google releases emergency update to patch Chrome vulnerabilitygoogle has just released an emergency security update to fix a discovered zero-day security vulnerability in the chrome browser.
- Microsoft releases urgent patch for printer error emergency patchthe patch for microsoft's printer vulnerability on windows again caused an error, forcing the company to issue another urgent patch.
- Microsoft released emergency patch updates for Windows 10microsoft has officially released urgent updates for windows 10 1909 and many older versions of the operating system are still in support, to fix a series of screen-related errors. green screen, wifi connection, unstable performance ...
- Apple Patches Zero-Day Vulnerability That Could Let iPhones, iPads, and MacBooks Get Hackedapple has just released a security update to patch two zero-day vulnerabilities. in it, one has been made public and another is being exploited by hackers to penetrate iphones and macs. these are the first zero-day vulnerabilities that apple will patch in 2022.
- Google has reported a zero-day vulnerability that has just appeared in Windows 7, Microsoft has not yet released a patchaccording to google's disclosure in a blog post on march 7, 2019, microsoft seems to be having a problem with a zero-day vulnerability in windows 7 that has yet to release a thorough patch.
- Patches of dangerous vulnerabilities being exploited by hackers contain dangerous holes and then continue to be exploited by hackersnot long after the log4j vulnerability was discovered, the patch was released. however, the irony is that this patch has holes.
- Detected critical zero-day vulnerability on Adobe Readeradobe has just released the may security update to patch security holes in 12 of their products. among them is a serious zero-day vulnerability in adobe reader that is being actively exploited by hackers.
- Hacker revealed the second Zero-Day, broke Windows' EoP vulnerability patcha security researcher with a nickname sandboxescaper recently publicly shared a second zero-day exploit, which can be used to break up an advanced security patch for a privileged vulnerability that is only currently available. here in microsoft windows operating system.
- Apple releases iOS 14.4.2, iOS 12.5.2, and watchOS 7.3.3 updates that patch the critical zero-day vulnerabilityapple just released a series of security updates aimed at addressing a relatively serious zero-day vulnerability on ios.
Attack the network
- The risk of losing all passwords is due to the built-in password management tool on Windows 10
- Warning: The new Facebook virus, a malicious code that is spreading rapidly through Messenger
- Detecting new malware on Android can damage phones
- Warning: a new variant of the virus that fills virtual money via Facebook Messenger will appear every 10 minutes
- Hundreds of thousands of IoT devices are likely to be attacked by vulnerabilities on the server
- VNCERT warns Internet users in Vietnam to change their email and Facebook passwords immediately
The risk of losing all passwords is due to the built-in password management tool on Windows 10
Warning: The new Facebook virus, a malicious code that is spreading rapidly through Messenger
Detecting new malware on Android can damage phones
Warning: a new variant of the virus that fills virtual money via Facebook Messenger will appear every 10 minutes
Hundreds of thousands of IoT devices are likely to be attacked by vulnerabilities on the server
VNCERT warns Internet users in Vietnam to change their email and Facebook passwords immediately