SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Security)  >   Microsoft Malware Protection Engine Vendors:   Microsoft
Microsoft Malware Protection Engine Scanning Bug Lets Remote and Local Users Deny Service
SecurityTracker Alert ID:  1030438
SecurityTracker URL:  http://securitytracker.com/id/1030438
CVE Reference:   CVE-2014-2779   (Links to External Site)
Date:  Jun 17 2014
Impact:   Denial of service via local system, Denial of service via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 1.1.10600.0 and prior
Description:   A vulnerability was reported in Microsoft Malware Protection Engine. A remote or local user can cause denial of service conditions.

A user can create a specially crafted file that, when scanned by the Microsoft Malware Protection Engine, will prevent the engine from monitoring the system(s) until the file is removed and the service is restarted.

The following product versions are affected:

Microsoft Forefront Client Security
Microsoft Forefront Endpoint Protection 2010
Microsoft Forefront Security for SharePoint SP3
Microsoft System Center 2012 Endpoint Protection
Microsoft System Center 2012 Endpoint Protection SP1
Microsoft Malicious Software Removal Tool
Microsoft Security Essentials
Microsoft Security Essentials Prerelease
Windows Defender for Windows 8, Windows 8.1, Windows Server 2012, and Windows Server 2012 R2
Windows Defender for Windows RT and Windows RT 8.1
Windows Defender for Windows XP, Windows Server 2003, Windows Vista, Windows Server 2008, Windows 7, and Windows Server 2008 R2
Windows Defender Offline
Windows Intune Endpoint Protection

Tavis Ormandy of Google Project Zero reported this vulnerability.

Impact:   A remote or local user can prevent the engine from monitoring the target system(s).
Solution:   The vendor has issued a fix (1.1.10701.0).

The vendor's advisory is available at:

https://technet.microsoft.com/en-us/library/security/2974294

Vendor URL:  technet.microsoft.com/en-us/library/security/2974294 (Links to External Site)
Cause:   State error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC