Microsoft has deployed a security patch to address a major vulnerability in Windows Firewall, the default anti-malware utility included with Windows.
A security flaw could allow an attacker to remotely use the computer. Microsoft said the flaw was found in Windows 7, 8, 8.1, 10, and Windows Server 2016 systems.
Malware Malware has been exploited when Windows Firewall scanned malicious emails or instant messages to take control of a user's system. The vulnerability could allow an attacker to remotely control a user's computer, and the user could not take any action.
Microsoft said the attack is based on the NScript component of MsMpEngine, a key process in Windows Firewall.
NScript is intended to analyze JavaScript, but researchers have found that it can control a few lines of JavaScript from websites, e-mails, instant messages, or other data sources scanned from Windows Firewall.
Windows Firewall boasts the highest level of security and privileges on your computer. If exploited, the attacker can take care of the system as they wish.
The flaw was discovered by Zapon Sawandi and Natalie Silvanovich of the Google project Zero. "This is the worst Windows remote code manager I've encountered," he said of the vulnerability.
He also pointed out that this could turn into a network worm. This means that programs can re-create themselves on the network of unpatched systems.
Microsoft has released an emergency update patch after it found a vulnerability. Patches are automatically installed on the user's system through the Microsoft Windows Firewall update process.
To verify that your system is protected, you must open the Setup program in the Windows Start menu, click Update and Security, and then select Windows Firewall in the sidebar.
If the firewall is version 1.1.13704.0 or later, the patch is installed; otherwise, you need to run Windows Firewall, go to the Updates tab, and select "Update definitions".
