Again, Microsoft patches vulnerability in Malware Protection Engine found by Google

Posted 29 May 2017 19:43 CEST by Jan Willem Aldershoff

Microsoft again patched a critical vulnerability in Windows Defender, Security Essentials, and other security software that allowed an attacker to take over vulnerable Windows computers. The vulnerability was in the Malware Protection Engine. The patch was released last week and is different from a similar vulnerability for which the software giant previously released an emergency patch.

The Malware Protection Engine is used by the built-in virusscanner Windows Defender, but also by other security software from Microsoft, such as Security Essentials, Microsoft Endpoint Protection and Microsoft Forefront Security for SharePoint Service. The software normally runs in the background and continuously scans files and websites.

The vulnerability made it possible for an attacker to execute random code with system privileges by sending an email to the victim. Simply receiving the mail was sufficient to become a victim to the attack, as all received emails are scanned by the Malware Protection Engine.

The vulnerability was discovered by Google security researcher Tavis Ormandy who reported the issue to Microsoft on the 12th of May. Ormandy previously discovered a similar issue in the Malware Protection Engine for which Microsoft released an emergency patch and warning. The new vulnerability was silently patched last Wednesday, according to Ormandy

Ormandy reported on the 25th of May that Microsoft silently rolled out an update. The same day Microsoft published an overview with all vulnerabilities Microsoft patched in the Malware Protection Engine. settings

Several settings at can be changed, they are stored in cookies, which means they will be reset if you clear cookies


Change the background to a plain color or trianglified image (similar to the default image)

No tracking features

At Myce most social media feature are done server side and impose no privacy risk to the visitor when not used. Several features use Javascript with you can turn off here


Switch to the List layout for an index with chronologycally listed news items or Grid layout for a block based layout. To see the change you need to reload the page