Cybersecurity Alert: Critical Security Vulnerabilities in Microsoft Antimalware Products and Intel Chips

May 9, 2017

This alert contains information about recent security vulnerabilities discovered in Microsoft antimalware products and Intel chips.

Critical Bug Discovered in Certain Microsoft Antimalware Products

A critical vulnerability in the Microsoft Malware Protection Engine may allow hackers to install malware, remotely execute code, and take control of vulnerable computers. Attackers could exploit the flaw by sending an email, web page, or instant message containing malicious code to the affected computer. The exploit would be triggered without the recipient taking any action, as Microsoft antimalware software scans files in real time. Microsoft released a patch for the Microsoft Malware Protection Engine that fixes the bug.

Microsoft antimalware software is turned on by default in Microsoft Windows 8, 8.1, 10, and Windows Server 2012. For a complete list of affected products, see Microsoft’s security advisory: https://technet.microsoft.com/en-us/library/security/4022344

ACA Aponix Guidance

ACA Aponix recommends taking the following precautionary measures:

  • If you use any of the affected Microsoft antimalware products, ensure that you are running the latest version.
  • Many A/V and antimalware tools experience critical vulnerabilities; consider implementing next-generation antivirus solutions and application whitelisting.

Intel Chip Vulnerability

A vulnerability in some Intel chips may allow hackers to remotely hijack affected machines without a password. The bug stems from Intel's Active Management Technology (AMT), which allows IT administrators to manage devices remotely. Security researchers discovered that AMT's web portal accepts the admin username with any password, or no password at all, allowing hackers to get into the system. Intel is working with hardware partners to fix the issue.

For more information and a list of affected products, see Intel’s security advisory: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

ACA Aponix Guidance

ACA Aponix recommends taking the following precautionary measures:

  • Intel recommends taking the precautionary measures described in its security advisory: https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00075&languageid=en-fr

If you have any questions, please contact your ACA Aponix consultant or email us at info@acaaponix.com.