A second out-of-band patch issued this week addresses a denial-of-service vulnerability in Microsoft Defender.

Dark Reading Staff, Dark Reading

September 25, 2019

1 Min Read

Microsoft this week released two emergency security patches: one to fix a zero-day remote code execution flaw in Internet Explorer (CVE-2019-1367), and another to address a denial-of-service (DoS) vulnerability in Microsoft Defender, which was not previously known or exploited.

The latter, CVE-2019-1255, was discovered by Charalampos Billinis of F-Secure Countercept and Wenxu Wu of Tencent Security Xuanwu Lab. A vulnerability exists when Microsoft Defender, an anti-malware feature built into Windows, improperly handles files. An attacker could exploit this to prevent legitimate accounts from executing legitimate system binaries, Microsoft says. To exploit the DoS vulnerability, an attacker would first require execution on the target system.

This week's patch alters the way Microsoft Defender handles files. The last affected version of the Microsoft Malware Protection Engine is Version 1.1.16300.1, and the first version with the vulnerability addressed is Version 1.1.16400.2. Since the Malware Protection Engine is automatically updated, Microsoft says no action is required to install the latest update. Users who don't want to wait for the update can manually update their anti-malware software.

Read more details here.

Edgepromohorizontal.jpgCheck out The Edge, Dark Reading's new section for features, threat data, and in-depth perspectives. Today's top story: "'Playing Around' with Code Keeps Security, DevOps Skills Sharp."

About the Author(s)

Dark Reading Staff

Dark Reading

Dark Reading is a leading cybersecurity media site.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights