Google's Project Zero team said the vulnerability can be leveraged against victims by simply sending an email to users - without the need for the message to be opened or any attachments to be downloaded.
An attack leveraging the exploit could also be conducted through malicious website visits or instant messaging.Īccording to Ormandy, the vulnerability could not only be exploited to work against default systems, but is also "wormable." In other words, malware using the exploit can replicate itself and spread beyond the target system. "Vulnerabilities in MsMpEng are among the most severe possible in Windows, due to the privilege, accessibility, and ubiquity of the service," the team said.
"If real-time scanning is not enabled, the attacker would need to wait until a scheduled scan occurs in order for the vulnerability to be exploited." "If the affected antimalware software has real-time protection turned on, the Microsoft Malware Protection Engine will scan files automatically, leading to exploitation of the vulnerability when the specially crafted file scanned," Microsoft said.
0 kommentar(er)
