Yesterday’s patches included a vulnerability in the Microsoft Malware Protection Engine, which is used by Forefront Client Security, Forefront Security for Exchange Server, and Forefront Security for SharePoint. We recommend our customers immediately ensure that they have the latest Microsoft Malware Protection Engine update. The affected software provides built-in mechanisms for the automatic detection and deployment of this update.
This security update resolves two privately reported vulnerabilities in the Microsoft Malware Protection Engine. An attacker could exploit either of the vulnerabilities by constructing a specially crafted file that could allow denial of service when received by the target computer system and scanned by the Microsoft Malware Protection Engine. An attacker who successfully exploited either vulnerability could cause the Microsoft Malware Protection Engine to stop responding and automatically restart.
The Microsoft Malware Protection Engine is a part of several Microsoft products. Depending upon which product is installed, this security update has different severity ratings. This security update is rated Moderate for Windows Live OneCare, Microsoft Antigen for Exchange, Microsoft Antigen for SMTP Gateway, Microsoft Windows Defender, Microsoft Forefront Client Security, Microsoft Forefront Security for Exchange Server and Microsoft Forefront Security for SharePoint. This security update is rated Low for Standalone System Sweeper located in Diagnostics and Recovery Toolset 6. For more information, see the subsection, Affected and Non-Affected Software, in this section. The security update addresses the vulnerability by modifying the way that the Malware Protection Engine processes files. For more information about this vulnerability, see the Frequently Asked Questions (FAQ) subsection under the next section, Vulnerability Information.