Content
(MS08-029) Microsoft Malware Protection Engine Vulnerability I (952044)
- Type
- Logic error
- Impact of exploitation
- Denial of Service
- User Interaction
- no user interaction is needed
- Attack Vector
- Maliciously Crafted File
- Rating
- Medium
- CVE reference
- CVE-2008-1437,
- Vendor Status
- Responded and patched
- Vulnerable systems
- Windows Live Onecare ,
- Antigen for Exchange 9.x,
- Antigen for SMTP Gateway 9.x,
- Windows Defender for Windows XP ,
- Windows Defender in Windows Vista ,
- Forefront Client Security,
- Forefront Edge Server,
- Forefront Security for Exchange Server,
- Forefront Security for Sharepoint,
- Standalone System Sweeper with MDOP ,
- Summary
- A vulnerability is present in Microsoft Malware Protection Engine that could allow for denial-of-service attacks. Exploitation could occur when processing specially crafted files.
Tab Navigation
Description
The Microsoft Malware Protection Engine is used to scan and detect malware. A vulnerability exists in Microsoft Malware Protection Engine that could allow for denial-of-service attacks. The flaw lies in processing of specially crafted files by the engine. Successful exploitation could cause the host to no longer respond or to restart.
McAfee Product Mitigation & Recommendations
Recommendations
Download and install the patch available from Microsoft (952044): http://www.microsoft.com/technet/security/Bulletin/MS08-029.mspx
McAfee Product Mitigation
McAfee Foundstone
This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.
- Signature:
- (MS08-029) Microsoft Malware Protection Engine Vulnerability I (952044)
- Signature identifier:
- 5865
- Release date:
- 5/13/2008
McAfee Intrushield
This signature provides coverage for this vulnerability. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.
- Signature:
- HTTP: Microsoft Malware Protection Engine Integer Underflow
- Signature identifier:
- 0x40246500
- Release date:
- 5/13/2008
- First released in:
- Sigset(s) 4.1.26, 3.1.63
Additional Resources
Microsoft Security Bulletin: Vulnerability in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)
http://www.microsoft.com/technet/security/bulletin/MS08-029.mspx
All Information
Timeline -
5/13/2008
Vendor has provided a patch.
Description -
The Microsoft Malware Protection Engine is used to scan and detect malware. A vulnerability exists in Microsoft Malware Protection Engine that could allow for denial-of-service attacks. The flaw lies in processing of specially crafted files by the engine. Successful exploitation could cause the host to no longer respond or to restart.
McAfee Product Mitigation & Recommendations
Recommendations -
Download and install the patch available from Microsoft (952044): http://www.microsoft.com/technet/security/Bulletin/MS08-029.mspx
McAfee Product Mitigation
McAfee Foundstone
This Foundstone vulnerability check can be used to assess if your systems are vulnerable and is expected to accurately identify if a system is vulnerable in many enterprise environments.
- Signature:
- (MS08-029) Microsoft Malware Protection Engine Vulnerability I (952044)
- Signature identifier:
- 5865
- Release date:
- 5/13/2008
McAfee Intrushield
This signature provides coverage for this vulnerability. McAfee Avert Labs will continue to update our coverage, as needed, as new exploit vectors are discovered and as new threats emerge.
- Signature:
- HTTP: Microsoft Malware Protection Engine Integer Underflow
- Signature identifier:
- 0x40246500
- Release date:
- 5/13/2008
- First released in:
- Sigset(s) 4.1.26, 3.1.63
Additional Resources
Additional Resources -
Microsoft Security Bulletin: Vulnerability in Microsoft Malware Protection Engine Could Allow Denial of Service (952044)
http://www.microsoft.com/technet/security/bulletin/MS08-029.mspx
