Short Bytes: The researchers from Google Project Zero have revealed a remote code execution bug in Microsoft Windows. The attacker doesn’t require any software to take the advantage of the serious bug. Microsoft is expected to fix the bug on May 9 Patch Tuesday release, followed by a detailed report by the researchers.
Update (May 9, 2017, 6:00 pm IST): In the latest Patch Tuesday update, Microsoft has fixed the critical remote code execution bug reported by Google Project Zero researchers.
The bug (CVE-2017-0290), tagged as “crazy bad” by the researchers, was present in the Microsoft Malware Protection Engine, a software component that fuels various anti-malware products including MS Security Essentials and the inbuilt Windows Defender tool in different Windows versions.
You can read more in the security advisory issued by Microsoft.
A tweet from Google security researcher Tavis Ormandy surfaced a couple of days before Microsoft’s Patch Tuesday, scheduled for May 9. In his tweet made on May 6, Ormandy highlighted a Remote Code Execution bug in Microsoft Windows.
The critical vulnerability, described as “crazy bad”, was discovered by two Project Zero researchers Natalie Silvanovich and Tavis Ormandy.
Not many details were revealed in the initial tweet. However, Ormandy described a little more in a later tweet.
.@natashenka Attack works against a default install, don’t need to be on the same LAN, and it’s wormable. ?
— Tavis Ormandy (@taviso) May 6, 2017
According to him, the attack works on the default Windows installation, i.e., it doesn’t require any additional software. The attacker doesn’t have to be on the same LAN as the target machine. Also, the bug is “wormable” or self-replicating.
Ormandy mentioned in the tweet that a report will follow soon. And the revelation made near the Patch Tuesday escalates the speculations that Microsoft has prepared the fix for the remote code execution bug.
If you have something to add, drop your thoughts and feedback.
