
Secplicity - Security Simplified

Powered by WatchGuard Technologies

Maliciously Crafted Files Can Dork-up Defender

July 9, 2013 By Corey Nachreiner

Among today’s more Critical alerts, Microsoft also released a bulletin describing a remote code execution flaw that affects Windows Defender running on Windows 7 and Server 2008 R2.

For those who don’t know, Windows Defender is Microsoft’s free antivirus program. It ships by default with Windows Vista and 7, and is an optional download for older versions of Windows. According to Microsoft, Defender suffers from something they call an “improper pathname” vulnerability. In short, if an attacker can place a maliciously crafted application in a specific location on your Windows computer, she could leverage this flaw to gain full, SYSTEM-level privileges on your machine.

The good news is an attacker needs valid login credentials, and access to your computer, in order to place this malicious application on the system. This significantly mitigates the risk of this flaw, which is why Microsoft only assigns it an Important severity rating. Nonetheless, remote code execution flaws in security products are no laughing matter, even if they take significant privileges to exploit. If you run Windows Defender, I highly recommend you apply Microsoft’s Defender updates as soon as you can.

— Corey Nachreiner, CISSP (@SecAdept)


Filed Under: Security Bytes
