Sci-tech

Microsoft fixes 'crazy bad' Windows vulnerability

Microsoft fixes 'crazy bad' Windows vulnerability

A massive and rather embarrassing remote code execution vulnerability has been discovered in Microsoft's MsMpEng, the malware protection engine used by Windows Defender, Microsoft Security Essentials, Microsoft Forefront, and Microsoft Endpoint in nearly every recent version of Windows (7, 8, 8.1, 10, and Server 2016).

The Microsoft Malware Protection Engine is used by various Microsoft products, including Windows Defender and Microsoft Security Essentials on consumer PCs, and products such as Microsoft Endpoint Protection, Microsoft Forefront, Microsoft System Center Endpoint Protection, or Windows Intune Endpoint Protection on the business side.

All that has to happen is for the malware protection engine to scan a specially crafted file sent by an attacker, at which point it will inadvertently trigger the malware, allowing said attacker to remotely gain control of the system - and then carry out whatever nastiness they desire.

Microsoft's advisory confirms the critical nature of the remote code execution flaw and how widespread it is - affecting Windows Defender in Windows 7, 8, 8.1, 10 default configurations as well as Microsoft's Endpoint and Forefront security software.

'Star Wars' story group manages teeming galaxy
But all the franchise's live-action movie premieres in May, past and future take place in the latter weeks of the month. This was mentioned by author Alan Arnold when he was chronicling the making of 1980 film, " The Empire Strikes Back ".

The bug was initially discovered and disclosed by members of Google's Project Zero researchers Natalie Silvanovich and Tavis Ormandy, who claimed in their advisory: "On workstations, attackers can access mpengine by sending emails to users (reading the email or opening attachments is not necessary), visiting links in a web browser, instant messaging and so on".

Click on the cogwheel icon in the lower left part of the interface.

Google released the vulnerability report on the Project Zero website.

Check the "Engine Version" on the page, and make sure it is at the very least 1.1.13704.0.

Security tight as Pope Francis celebrates open-air mass in Cairo
Francis made the comments on April 29 aboard the papal plane as he was returning to Rome after a trip to Egypt . Francis later went to the seat of the Coptic Orthodox Church to meet its spiritual leader, Pope Tawadros II.

Darron Gibbard, chief technology security officer at Qualys, told Infosecurity that the irony of this bug is that it is in the product which is created to protect operating systems against malware.

Because MsMpEng runs at the highest privilege level and is so ubiquitous across Windows PCs, this vulnerability is about as bad as it gets.

The Google researchers found that MsMpEngine contains a component called NScript that analyses any filesystem or network activity that looks like JavaScript. "MIME types and file extensions are not relevant to this vulnerability, as MsMpEng uses its own content identification system".

Islamic Jihad Rejects Palestine State within 1967 Borders
Barghouti's wife and other Palestinian officials dismissed the video as fake and an attempt to break the hunger strikers. Mustafa Ibrahim, a political analyst, sees the biggest challenge for Haniyeh will be marketing Hamas's revised charter.


  • K leader in Afghanistan killed in Afghan-US raid

    K leader in Afghanistan killed in Afghan-US raid

    The defense official, who briefed reporters traveling in Israel with Chairman of the Joint Chiefs of Staff Gen. It is said to maintain contact with Islamic State, but operates with considerable independence.
    Chelsea one win away from EPL Glory

    Chelsea one win away from EPL Glory

    We need to gain more points. "For sure now I am a bit relaxed". " Cesc is one of the best examples of our season ", Conte said. I think now the pressure, now is good pressure. "On Friday, we have an opportunity to win and to take a title".
    Iran makes indirect threat against Pakistan despite agreement to boost border security

    Iran makes indirect threat against Pakistan despite agreement to boost border security

    The warning came days after an alleged cross-border militant raid killed at least 10 members of the Iranian security forces. In 2014, Tehran warned it would deploy troops to Pakistan to retrieve five border guards kidnapped by Jaish-ul-Adl.
  • Canelo Alvarez Dominates Julio Cesar Chavez Jr. in PPV Bout

    Now the fighters will head in different directions: Canelo on to boxing's biggest stgae, and Chavez Jr., well, who knows where. Alvarez landed 43 percent (145-of-340) of his power punches, slightly less than his 46 percent average entering the fight.
    Calvin Harris to Release New Album on June 30

    Calvin Harris to Release New Album on June 30

    He's already made it clear that he's going for a groovy and feel good vibe for this LP which is set to be one blockbuster. Earlier this year, Harris shared his song "Heatstroke," featuring Pharrell, Ariana Grande and Young Thug.
    Futures rise as risk-on sentiment improves

    Futures rise as risk-on sentiment improves

    Tyson Foods TSN.N was the biggest S&P loser, down 6.2 percent after the meat processor reported a slump in quarterly profit. Vehicle rental company Hertz Global HTZ.N sank almost 19 percent at $12.20 following a bigger-than-expected quarterly loss.
  • A 'war of regime choices': South Koreans vote for new president

    A 'war of regime choices': South Koreans vote for new president

    Moon has said the decision was made hastily and the next administration should have the final say on whether to deploy the system. His victory was bolstered by strong support from younger people, the majority of whom voted for him, according to the exit polls.

    Mets hope to start Harvey Friday after ban

    Manager Terry Collins also would not discuss what triggered Harvey's suspension. “We hope to put it behind us and move forward.”. Harvey logged a 4.86 ERA over 92 2/3 innings in 2016, and then underwent season-ending thoracic outlet syndrome surgery in July.
    Japan destroyer leaves port reportedly to escort USA  warships

    Japan destroyer leaves port reportedly to escort USA warships

    President Donald Trump said Friday that North Korea had "disrespected" China by attempting to launch another ballistic missile. USA and South Korean officials say launch of missile, amid high tensions on the Korean Peninsula, appears to have failed.
  • Ryan Dismisses Criticism Of Health Plan As 'Bogus Attack From Left'

    Ryan Dismisses Criticism Of Health Plan As 'Bogus Attack From Left'

    People living with a host of medical conditions are anxious about the future of their coverage if the Republican plan becomes law. The contentious debate over overhauling the health care system shifts to the Senate and a moderate Republican, Sen.
    Liberal candidate Moon Jae-in claims victory in S Korea presidential election

    Liberal candidate Moon Jae-in claims victory in S Korea presidential election

    The historical, political and personal baggage Park leaves Moon only adds to what's already one of Asia's toughest jobs. He has repeatedly pledged during his campaign that South Korea would have an independent voice in the global community.
    Palestinians stay on hunger strike despite 'snacking' claims

    Palestinians stay on hunger strike despite 'snacking' claims

    He added, "Barghouti is a murderer and hypocrite who urged his fellow prisoners to strike and suffer while he ate behind their back".