Microsoft has released a security advisory addressing a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploits this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system.
The affected anti-malware products are Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Forefront Security for SharePoint, Microsoft Endpoint Protection, and Microsoft Forefront Endpoint Protection. The engine is switched on by default in Windows 8, 8.1, 10, and Windows Server 2012.
Microsoft appears to have fixed the vulnerability in its security packages, and the update should be fetched and installed automatically by the scanner engine on your machines.
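Because the fix arrives through the engine's own automatic update, it is worth confirming that each machine actually received it. The script below is an added example, not part of the original advisory: it compares the installed engine version with a minimum version that you supply from the Microsoft advisory (this page does not state it), and it only covers machines where the Defender PowerShell cmdlets are present.

```powershell
# Added example: confirm the Malware Protection Engine on this machine has updated.
# $MinimumEngineVersion is NOT stated on this page; take the fixed engine version
# from the Microsoft advisory linked below and pass it in.
param(
    [Parameter(Mandatory = $true)]
    [version]$MinimumEngineVersion
)

# Get-MpComputerStatus is part of the Defender module; older systems and the
# other affected products may not expose it.
if (-not (Get-Command -Name Get-MpComputerStatus -ErrorAction SilentlyContinue)) {
    Write-Warning 'Defender cmdlets not available; check the engine version in the product UI instead.'
    exit 2
}

try {
    $status = Get-MpComputerStatus -ErrorAction Stop
} catch {
    Write-Warning "Could not query Defender status: $($_.Exception.Message)"
    exit 2
}

# AMEngineVersion is reported as a string such as "a.b.c.d"; cast it so the
# comparison is numeric per component rather than a string comparison.
$engine = [version]$status.AMEngineVersion

$result = [pscustomobject]@{
    ComputerName     = $env:COMPUTERNAME
    EngineVersion    = $engine
    RequiredVersion  = $MinimumEngineVersion
    SignatureUpdated = $status.AntivirusSignatureLastUpdated
    Patched          = ($engine -ge $MinimumEngineVersion)
}
$result

if (-not $result.Patched) {
    # Exit code 1 lets a management tool flag the machine for follow-up,
    # e.g. forcing an update with Update-MpSignature and re-running this check.
    Write-Warning 'Engine is older than the fixed version; trigger an update and re-run.'
    exit 1
}
```

An exit code of 0 means the engine is at or above the supplied version, 1 means it is still older, and 2 means the status could not be read on that machine.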
As a policy, Blue Sky Systems always advise the purchase of additional AV software to run alongside Microsoft's for added protection.
For further information regarding this advisory, please visit:
https://technet.microsoft.com/en-us/library/security/4022344