You should immediately ensure that you have the latest Microsoft Malware Protection Engine update says Microsoft. Why? Because an attacker who successfully exploited this new vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Let's see how this happens.
If there was one software you'd demand to be secure from malware attacks it would have to be malware protection software itself, right ? Sadly, this is not the case with Microsoft Defender, the software giant's new all-in-one security tool .
According to security bulletin CVE-2006-5270 - Microsoft Malware Protection Engine Vulnerability, Integer overflow in the Microsoft Malware Protection Engine (mpengine.dll), as used by Windows Live OneCare, Antigen, Defender, and Forefront Security, permits user-assisted remote attackers to execute arbitrary code via a PDF file. All the following are at risk of remote code execution:
According to the bulletin –which was rated 'critical' – a remote code execution vulnerability exists in the Microsoft Malware Protection Engine because of the way that it parses Portable Document Format (PDF) files. An attacker could exploit the vulnerability by creating a specially crafted PDF File that could potentially allow remote code execution when the target computer system receives, and the Microsoft Malware Protection Engine scans, the PDF file.
To have one insecure security product could be seen as unlucky; to have eight ..well... it looks a bit like negligence.
