This is a quick email to alert you about a newly disclosed vulnerability that affects all Microsoft operating systems from Windows 7 to Server 2016.
The vulnerability is present within the Malware Protection engine that runs as the SYSTEM superuser.
The detailed vulnerability report by the Google Security team is now public with proof of concept code. To summarise, the vulnerability results in remote code execution and can be triggered on any system which scans a vulnerability triggering text string or file.
Exploitation scenarios include:
Ensure the Microsoft Malware Protection Engine is able to receive the latest updates and threat definitions to resolve this issue.
It is also worth mentioning that another Microsoft vulnerability has been found by the Google Security team which has not yet been made public or patched. The issue is rumoured to affect all versions of Microsoft Windows and is remotely exploitable and wormable and may affect the TCP/IP implementation which would also bypass the Windows firewall.
We will send another alert when details become public.