Published on: 07 December 2017
Microsoft has released a security update addressing a vulnerability in the Microsoft Malware Protection Engine. A malicious crafted file could be used to exploit the vulnerability when a crafted file is scanned by the affected engine. The crafted file could be delivered in several ways, such as enticing a user to open an attached file in an email message or an Instant Messenger message, uploading a file to a Windows-based shared location, or browsing a malicious website.
A successful attack could lead to remote code execution and take control of the affected system.
Patch for affected products will apply from built-in mechanism for the automatic detection and deployment of Microsoft Malware Protection Engine.
https://www.us-cert.gov/ncas/current-activity/2017/12/07/Microsoft-Releases-Security-Updates-its-Malware-Protection-Engine
https://www.hkcert.org/my_url/en/alert/17120802
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11937
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11940
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-11940