Number: AV17-064
Date: 9 May 2017
Purpose
The purpose of this advisory is to bring attention to a recent security update to Microsoft Malware Protection Engine.
Assessment
CCIRC is aware of a critical vulnerability in the Microsoft Malware Protection Engine. Exploitation of this vulnerability may allow for remote code execution with elevated privileges.
Affected Versions:
Microsoft Malware Protection Engine version 1.1.13701.0 and prior
CVE Reference: CVE-2017-0290
Suggested Action
CCIRC recommends that system administrators test and deploy the vendor-released updates to affected applications accordingly.
References: