Release date:
Updated on:
Affected Systems:
Microsoft Malware Protection Engine <1.1.9506.0
Description:
--------------------------------------------------------------------------------
Bugtraq id: 59885
CVE (CAN) ID: CVE-2013-1346
The Microsoft Malware Protection Engine (mpengine. dll) provides scanning, monitoring, and cleanup capabilities for antivirus and Anti-Spyware clients.
On the X64 platform, the mpengine. dll in Microsoft Malware Protection Engine 1.1.9506.0 or earlier has a security vulnerability, which allows remote attackers to execute arbitrary code using specially crafted files and may cause DOS.
<* Source: vendor
Link: http://secunia.com/advisories/53444/
*>
Suggestion:
--------------------------------------------------------------------------------
Vendor patch:
Microsoft
---------
The vendor has released a patch to fix this security problem. Please download it from the vendor's homepage:
Http://technet.microsoft.com/security/bulletin/
Http://technet.microsoft.com/en-us/security/advisory/2846338