|
MS-DEFCON 1:
Current Microsoft patches are causing havoc. Don't patch.
|
-
Critical vulnerability in Microsoft’s Malware Protection Engine (CVE-2017-11937)
Posted on Comment on the AskWoody LoungeThis topic contains 5 replies, has 4 voices, and was last updated by
anonymous 10 months, 2 weeks ago.
-
Strange things happen. I received this night (Germany) a notification from Microsoft about a critical vulnerability in Microsoft’s Malware Protection Engine (CVE-2017-11937). All Windows versions using either Defender or Microsoft Security Essentials or Forefront are affected. But there are no updates available – and the link within Microsoft’s Update Catalog are broken.
I’ve documented my findings till yet within my blog post: Critical vulnerability in Microsoft’s Malware Protection Engine (CVE-2017-11937)
Perhaps other users can shed a bit more light into that topic. In case you have new insights, please leave a comment, either here or within my blog. I will also link from my article to this thread.
-
Ok, it seems I was lured into the wrong direction by Microsoft’s Security Center and it’s download links. I’ve added my blog post.
Defender and MSE are updating itself – and it seems that yesterday the Security module has been updated. That’s what I found out comparing the details on 2 Win 7 machines (one, which is always online and one, which hasn’t been booted since 3 days).
-
Win Defender Win8.1.64, 7.12.2017.
Antimalware Client Version: 4.10.209.0
Engine Version: 1.1.14405.2
Antivirus definition: 1.259.16.0
Antispyware definition: 1.259.16.0
Network Inspection System Engine Version: 2.1.14202.0
Network Inspection System Definition Version: 118.2.0.0 -
Microsoft Security Essentials updated this morning
antimalware client version: 4.10.209.0
engine version:Â 1.1.14405.2
antivirus definition:Â 1.259.16.0
antispyware definition 1.259.16.0
Network inspection system engine version: 2.1.14202.0
Network Inspection system definition version:Â 118.2.0.0 -
anonymousWin7 Pro, MSE.
Yes, this morning (Europe) there was a large download of definitions, taking the definition number on my main machine from 1.257.1460.0 yeaterday afternoon to 1.259.1.0 this morning. Some investigation with a spare, not-internet-facing, machine shows that:
My main machine updated to engine version 1.1.14405.2 sometime recently, while the spare machine (which was up-to-date within the last week) is still at 1.1.14306.0.
I suspect (and I am glad to see) that the engine is apparently kept up to date when using the on-line update method.
HMcF
-
anonymousWasn’t available in the USA earlier but showed up this PM. Win7 Pro x64 with Defender. Engine updated to 1.1.14405.2 and definitions to 1.259.37.0.
1 user thanked author for this post.
Keep AskWoody alive and free
Shop on Amazon by clicking on our affiliate link.
Buy anything, AskWoody gets a small bounty.
No charge to you, of course.
Recent Replies
-
6 minutes ago
-
greynad on
8 minutes ago -
Paul T on
1 hour, 6 minutes ago -
Seattle27 on
1 hour, 13 minutes ago -
1 hour, 13 minutes ago
-
Cybertooth on
2 hours, 54 minutes ago -
Susan Bradley on
3 hours, 45 minutes ago -
3 hours, 48 minutes ago
-
b on
4 hours, 51 minutes ago -
karma244 on
7 hours, 7 minutes ago -
gborn on
7 hours, 35 minutes ago -
planet on
7 hours, 42 minutes ago -
mbhelwig on
7 hours, 51 minutes ago -
8 hours, 18 minutes ago
-
8 hours, 19 minutes ago
-
woody on
8 hours, 23 minutes ago -
9 hours, 5 minutes ago
-
9 hours, 7 minutes ago
-
9 hours, 8 minutes ago
-
9 hours, 11 minutes ago