FYI...

MS Security Advisory 4022344
Security Update for Microsoft Malware Protection Engine
- https://technet.microsoft.com/en-us/...y/4022344.aspx
May 8, 2017 - "Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft. The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system... Typically, no action is required of enterprise administrators or end users to install updates for the Microsoft Malware Protection Engine, because the built-in mechanism for the automatic detection and deployment of updates will apply the update within 48 hours of release. The exact time frame depends on the software used, Internet connection, and infrastructure configuration..."
___

- http://www.infoworld.com/article/319...virus-bug.html
May 9, 2017 - "... critical security vulnerability in the Microsoft Malware Protection Engine affects a number of Microsoft products, including Windows Defender, Windows Intune Endpoint Protection, Microsoft Security Essentials, Microsoft System Center Endpoint Protection, Microsoft Forefront Security for SharePoint, Microsoft Endpoint Protection, and Microsoft Forefront Endpoint Protection. These tools are enabled by default in Windows 8, 8.1, 10, and Windows Server 2012..."

- http://www.securitytracker.com/id/1038419
CVE Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-0290
May 9 2017
Fix Available: Yes
Vendor Confirmed: Yes
Impact: A remote user can create content that, when scanned by the target application, will execute arbitrary code with LocalSystem privileges on the target system.
Solution: The vendor has issued a fix (Microsoft Malware Protection Engine 1.1.13704.0), available via automatic update.
The vendor has also provided information on how to manually update the Microsoft Malware Protection Engine, available at:
- https://support.microsoft.com/kb/2510781
___

- http://www.securitytracker.com/id/1038420
CVE Reference: https://nvd.nist.gov/vuln/detail/CVE-2017-0290
May 9 2017
Fix Available: Yes
Vendor Confirmed: Yes
Impact: A remote user can create content that, when scanned by the target application, will execute arbitrary code with LocalSystem privileges on the target system.
Solution: The vendor has issued a fix (Microsoft Malware Protection Engine 1.1.13704.0), available via automatic update.
The vendor has also provided information on how to manually update the Microsoft Malware Protection Engine, available at:
- https://support.microsoft.com/kb/2510781
___

- https://www.us-cert.gov/ncas/current...ecurity-Update
May 08, 2017
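
Added example (not part of the original post or of any quoted advisory): a PowerShell check that the automatic update described above has actually delivered the fixed engine, by comparing each host's reported engine version with 1.1.13704.0. It assumes the Defender module's `Get-MpComputerStatus` cmdlet is available and that remote hosts accept CIM sessions; `Test-MpEngineVersion` is a hypothetical helper name.

```powershell
# Added example. The minimum version is the fixed engine version quoted above.
$FixedEngineVersion = [version]'1.1.13704.0'

function Test-MpEngineVersion {
    [CmdletBinding()]
    param(
        # Hosts to check; defaults to the local machine. Remote names are supplied by the caller.
        [string[]]$ComputerName = @($env:COMPUTERNAME),
        [version]$MinimumVersion = $FixedEngineVersion
    )
    foreach ($name in $ComputerName) {
        $session = $null
        $result  = [ordered]@{
            ComputerName  = $name
            EngineVersion = $null
            Status        = 'Unknown'   # stays Unknown if the host cannot be queried
            Detail        = ''
        }
        try {
            if ($name -eq $env:COMPUTERNAME) {
                $mp = Get-MpComputerStatus -ErrorAction Stop
            } else {
                $session = New-CimSession -ComputerName $name -ErrorAction Stop
                $mp = Get-MpComputerStatus -CimSession $session -ErrorAction Stop
            }
            # AMEngineVersion is a dotted string; cast it so the comparison is
            # numeric per component rather than a string comparison.
            $engine = [version]$mp.AMEngineVersion
            $result.EngineVersion = $engine
            if ($engine -ge $MinimumVersion) {
                $result.Status = 'Patched'
            } else {
                $result.Status = 'Vulnerable'
                $result.Detail = "Engine is older than $MinimumVersion"
            }
        } catch {
            # Covers unreachable hosts and hosts without the Defender cmdlets.
            $result.Detail = $_.Exception.Message
        } finally {
            if ($session) { Remove-CimSession -CimSession $session }
        }
        [pscustomobject]$result
    }
}

# Local check; pass -ComputerName to sweep a list of hosts.
Test-MpEngineVersion | Format-Table -AutoSize
```

Hosts reported as `Unknown` need a manual version check in the product itself, following the manual update instructions linked above.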