Anti-Virus Apps Open Door to Hackers

Anti-Virus Apps Open Door to Hackers
Microsoft has scrambled to fix a critical bug in many anti-malware products which hackers can exploit.

(CCM) — Microsoft has fixed a critical bug in Windows anti-virus software which allows hackers to take control of a computer with a simple email.

The bug affects Microsoft Malware Protection Engine, or mpengine.dll, the core of Windows Defender in Windows 10, as well as other popular anti-malware products. Simply scanning a specially-crafted file is enough to trigger a memory-corruption issue which compromises the computer.

Since many anti-virus programs are configured with real-time protection enabled to scan incoming files automatically, hackers can simply email a malicious file as an attachment to their victims to take control of their computers. Hackers can also take over a server by uploading a malicious file to a website which accepts user-provided content and scans it with the Malware Protection Engine.

"If real-time scanning is not enabled, the attacker would need to wait until a scheduled scan occurs for the vulnerability to be exploited. All systems running an affected version of anti-malware software are primarily at risk," Microsoft warned.

These systems include Windows 10, 8.1, and 7, and Windows Server 2016, 2012 R2, 2012, and 2008 R2.

Once compromised, hackers can install programs which steal online banking details, log passwords, or set the victim's computer to work mining crypto-currencies such as Bitcoin.

Users should receive the security fix automatically within 48 hours, Microsoft says.

Image: © welcomia -