Sci-tech

Microsoft Patches Critical Malware Protection Engine Vulnerability

Microsoft Patches Critical Malware Protection Engine Vulnerability

The Verge has obtained internal concepts of what they claim to be Microsoft's new HomeHub feature that will reportedly make its way to users of Windows 10 PCs in the third major update to the OS this September. Injected code could run with administrative privileges, so attackers could gain full control of the system, install spyware, steal or encrypt files, and so on.

Microsoft has released an update to fix a vulnerability discovered in its MsMpEng malware protection engine used in Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, and more.

He added it was "tremendous" that Microsoft had released the patch so quickly. In a summary of the issue, Microsoft said updates will automatically be applied within 48 hours.

NBC Cancels "Timeless", ABC Cancels Tim Allen Sitcom 'Last Man Standing'
If anything, the show's average 8.1 million viewers per episode were probably too intimidating for ABC, so the network got scared. It is now unclear if the same issue may have popped up again, only earlier, and led to the decision to cancel the series.

Windows 8, 8.1, 10 and Windows Server operating systems are affected by the bug. He tweeted on Friday, without revealing specifics or the affected product, that he and Silvanavich had found "the worst Windows remote code exec in recent memory". They found that a particular function in the engine fails to validate message properties from an object before passing it along to a runtime state.

"Mpengine is a vast and complex attack surface, comprising of handlers for dozens of esoteric archive formats, executable packers and cryptors, full system emulators and interpreters for various architectures and languages, and so on", the researchers said.

The exploit involved MsMpEngine, a core process of Windows Defender, which contains a component called NScript that analyzes JavaScript activity.

Packers Draft Day 3 Selections
A lingering offseason memory in Green Bay is the blowout loss to the Atlanta Falcons in the NFC title game. Vince Biegel woke up Saturday morning, looked at the television, and tried not to be disappointed.

Microsoft notes in its advisory that in most cases users and admins will not have to take any actions to install the patch since its anti malware products by default receive updates from Microsoft, such as new malware signatures. "This is as surprising as it sounds".

"Before executing JavaScript, mpengine uses a number of heuristics to decide if evaluation is necessary", Ormandy and Silvanovich wrote.

And if real-time scanning is not enabled, then the hacker would have to wait until a scheduled scan occurs for the vulnerability to be exploited. This includes unopened email attachments, unfinished downloads, temporary internet files cached by the browser and even user content submitted to a website that's hosted on a Windows-based web server running Internet Information Services (IIS).

Motorcylist smashes into truck and is set alight in China
This is the horrifying moment a motorcyclist smashed into a truck at a T junction and his bike burst into flames. The truck driver added: 'The first thing on my mind was to rescue the man.


  • Minnesota Students Outraged, United After Fake Racist Note

    Minnesota Students Outraged, United After Fake Racist Note

    Wells said she destroyed the note "because she didn't want to look at it or have it anywhere near her", according to the file. At the same time, however, " We continue to investigate the other racist incidents, which we are taking very seriously ".
    Dead, 1 Injured in Officer-Involved Shooting in Bridgeport

    Dead, 1 Injured in Officer-Involved Shooting in Bridgeport

    Perez said Boulay has been placed on administrative leave pending the outcome of a Connecticut State Police investigation. Anyone with information is asked to contact state police by texting TIP711 and any information to 274637.
    Democrats compare Comey sacking to Nixon's Watergate

    Democrats compare Comey sacking to Nixon's Watergate

    Ahead of the meeting, the President said "when things calm down, they will be thanking me!" about politicians in Washington. Rogers' associates also said he clashed with Mike Flynn, who was national security adviser but has since been fired.
  • ACC and Notre Dame Extend Partnership

    ACC and Notre Dame Extend Partnership

    Virginia adds future games with the Fighting Irish on the road in 2026 and 2034 and at home in 2031 and 2035. The Irish play five games per year against ACC teams, as part of a deal first hatched in 2014 .
    'PPAP' Singer Makes A Cameo In PSY's New Video

    'PPAP' Singer Makes A Cameo In PSY's New Video

    Both are jams doused in PSY's signature style, with equally-as-fun music videos to boot. Good luck getting either out of your head.
    I might release tax returns -- when I'm out of office

    I might release tax returns -- when I'm out of office

    President Trump "might" release his taxes - but only after he's left office, he said in a new interview . Trump has dodged requests to release his tax returns throughout his campaign and presidency thus far.
  • Scott Disick Back on the G-Wagon with Hotties!!!

    Scott Disick Back on the G-Wagon with Hotties!!!

    An insider said: " Kourtney and Younes have seen each other several times in the last week". Another pal said, "She is single and having fun".
    Rime's Digital Nintendo Switch Price Adjusted To Match Other Platforms

    Rime's Digital Nintendo Switch Price Adjusted To Match Other Platforms

    Nintendo of America has announced its plan for E3 2017 it looks like the focus will main be on the Switch games releasing in 2017. ARMS will make its way to Nintendo Switch on June 16th, while the squid shooter sequel fun of Splatoon 2 is launching July 21st.
    Brie Bella Gives Birth to Birdie Joe Danielson

    Brie Bella Gives Birth to Birdie Joe Danielson

    I don't know you hear women want to beat up everyone in the hospital room as it is, I can't imagine having the cameras in there. Thank you all for your thoughts and prayers on the safety of Birdie coming into this world", she proudly said .
  • Sheriffs use chopper to warn of swarm of sharks

    Sheriffs use chopper to warn of swarm of sharks

    Some who gathered along the shore waded out into the water because they wanted to see the great whites in person. Meanwhile in Long Beach, about 10 juvenile great whites were also spotted swimming along the shore.
    Afghan ISIS leader and mastermind killed

    Afghan ISIS leader and mastermind killed

    Both the Afghan and U.S. forces conducted regular strikes against the loyalists of the terror group in this province. John Nicholson, commander of US forces in Afghanistan, said in a statement.
    Ariel Winter is living with her 29-year-old boyfriend

    Ariel Winter is living with her 29-year-old boyfriend

    The actress advocates for herself as someone who as "good at arguing", which will help her in the courtroom. Listen to her story about a desperate Postmates delivery in the video at the top of the page.