Microsoft yesterday released a security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft.The vulnerability which was reported by Tavis Ormandy of Google Project Zero could allow denial of service if the Microsoft Malware Protection Engine scans a specially crafted file.
An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the specially crafted file is manually removed and the service is restarted. The Microsoft Malware Protection Engine ships with several Microsoft antimalware products.
Microsoft has now released an update to its Antimalware Engine 1.1.10701.0 and it was released to all Microsoft Security Essentials, Forefront Client Security, Forefront Endpoint Protection, Windows Intune Endpoint Protection, and System Center Endpoint Protection customers on 17 Jun 2014. Signature package 18.104.22.168 is the first that contains this engine.
Typically, no action is required of enterprise administrators or end users to install updates for the Microsoft Malware Protection Engine, because the built-in mechanism for the automatic detection and deployment of updates will apply the update within 48 hours of release. The exact time frame depends on the software used, Internet connection, and infrastructure configuration.