Microsoft quickly fixes 'crazy bad' Windows bug

The end of updates doesn't really affect most consumers because Windows 10's mandatory update approach ensures that users are - for the most part - always running the most up to date version of the OS.

In the past two years, Ormandy has been one of the most proficient bug hunters out there, discovering zero-days and unpatched vulnerabilities in products such as CloudFlare, LastPass, Bromium's micro-virtualization technology, and multiple antivirus engines such as Kaspersky, ESET, FireEye, Malwarebytes, AVG, Avast, Symantec, Trend Micro, and Comodo.

"Vulnerabilities in MsMpEng (Microsoft Malware Protection Engine) are among the most severe possible in Windows, due to the privilege, accessibility, and ubiquity of the service", Ormandy wrote in a report. Addressing the discovery in a security advisory this week, Microsoft confirmed that successful exploitation would see the attacker "take control of the system". It could be triggered by something as simple as sending an email. Doing so would have required attackers to make a "specially crafted file" meant to be scanned by the Microsoft Malware Protection Engine.

Microsoft did note that the risk of an attacker remotely executing code is lower on Windows 10 and Windows 8.1 than previous versions of the operating system because of CFG, a security feature that protects against memory corruption. The JavaScript could arrive in a web page, instant message, tweet, email or any other format that would be monitored by antivirus software.

Buhari receives released Chibok girls behind closed doors
There was no comment yet from the Nigerian presidency or Boko Haram, an extremist group linked to the Islamic State. President Buhari has not hidden his willingness to "bend over backwards" to secure the release of the girls.

At the time, Ormandy only said the vulnerability was "the worst Windows remote code exec in recent memory" and that the issue was "wormable" and even a default installation could be exploited.

The flaw was discovered by Google cybersecurity researchers Tavis Ormandy and Natalie Silvanovich.

According to the Project Zero team, the issue was in Microsoft's anti-malware protection engine.

While Ormandy hasn't revealed specific details as of yet - and it is now unknown which versions of Windows this exploit affects - he has said that the vulnerability works against a default install as well, and can easily spread, regardless if it's on a separate Local Area Network (LAN).

Turkey's Erdogan calls on Muslims to increase visits to Al-Aqsa mosque
The two countries reconciled in part a year ago and restored diplomatic ties to an ambassadorial level. Israel occupied the West Bank and East Jerusalem in 1967.

The update is being pushed automatically and out of its regular schedule by Microsoft. The good news here is that Microsoft was quick to respond with an emergency patch. Without it the infected file will activate only when the system is scanned-but you won't know it's there until it's too late. Home users may need to make sure that the update to Windows Defender is selected among "important updates" if they do not have Windows Update automatically installing updates.

There is also a security update for Adobe Flash Player for Windows 10 Version 1703 (KB4020821) and the standard monthly release of the updated Windows Malicious Software Removal Tool (KB890830).

"Mpengine is a vast and complex attack surface, comprising of handlers for dozens of esoteric archive formats, executable packers and cryptors, full system emulators and interpreters for various architectures and languages, and so on", the researchers said. "This is as surprising as it sounds".

Texas Cities Suit To Protect New Sanctuary Cities Law
Attorney General Ken Paxton's office filed the federal lawsuit Monday, a day after Republican Gov. With a stroke of his pen he achieved one of the state's major goals for the legislative session.

Related news