By: Maxwell (max.delete@this.a.com),
Room: Moderated Discussions
The Intel ME backdoor is tame compared with this:
MsMpEng: Remotely Exploitable Type Confusion in Windows 8, 8.1, 10, Windows Server, SCEP, Microsoft Security Essentials, and more.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1252&desc=5
"Mpengine is a vast and complex attack surface, comprising of handlers for dozens of esoteric archive formats, executable packers and cryptors, full system emulators and interpreters for various architectures and languages, and so on. All of this code is accessible to remote attackers."
Crazy! What were they thinking?
Max
MsMpEng: Remotely Exploitable Type Confusion in Windows 8, 8.1, 10, Windows Server, SCEP, Microsoft Security Essentials, and more.
https://bugs.chromium.org/p/project-zero/issues/detail?id=1252&desc=5
"Mpengine is a vast and complex attack surface, comprising of handlers for dozens of esoteric archive formats, executable packers and cryptors, full system emulators and interpreters for various architectures and languages, and so on. All of this code is accessible to remote attackers."
Crazy! What were they thinking?
Max
Thread (3 posts)
| Topic | Posted By | Posted |
|---|---|---|
| Most insane Windows security hole ever | Maxwell | |
| Most insane Windows security hole ever | VertexMaster | |
| More is Less secure | John H |



