Microsoft has rolled-out security updates to fix a critical remote code execution flaw affecting Windows Defender and other anti-malware products.
Ahead of April’s Patch Tuesday, Microsoft has released patches for the critical flaw, which affects Microsoft Malware Protection Engine, or mpengine.dll, the core of Windows Defender in Windows 10.
“An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system,” warns Microsoft.
“An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.”
Google Project Zero researcher Thomas Dullien, aka Halvar Flake, discovered that attackers can trigger a memory-corruption issue in the engine if they can get Windows Defender and other affected security products to scan a specially-crafted file.
http://www.zdnet.com/article/windows-10-security-microsoft-patches-critical-flaw-in-windows-defender/