Microsoft occasionally releases information on vulnerabilities that have been discovered. The company terms these “security bulletins”, and they cover all of the software maker’s programs. The latest concerns the Malware Protection Engine, and it has the catchy name of “security bulletin 2974294”, which gives no real information about what has happened.
It turns out, there is a vulnerability that could allow a denial of service attack, triggered when a specially crafted file is scanned by the program. Users should not have to take any action to fix the problem, as the updates will be pushed automatically.
“Updates for the Microsoft Malware Protection Engine are sent through security advisories as there is typically no action required to install the update. This is due to the fact that the built-in mechanism for the automatic detection and deployment of updates will apply the update within 48 hours of release. There’s no action for you to take here – the engine will do it for you. The exact time frame depends on the software used, Internet connection, and infrastructure configuration”, says Microsoft’s Dustin Childs.
To find out more about the problem, you can follow the link below and read the entire security bulletin.