Researcher says fixes to Windows Defender's engine incomplete

In spite of a flurry of patches designed to fix Windows Defender, at least one security researcher reckons there's still work to be done. James Lee, who has presented at conferences like Zer0con, has contacted The Register to say the key vulnerable component, MsMpEng, is still subject to remote code execution. As with the …

  1. Anonymous Coward

    MS & security in the same breath?

    I remember laughing myself hoarse over that oxymoron, but the joke has gotten so old that it merely makes me weep that MS hasn't gotten any better over the decades.

    1. TheVogon

      Re: MS & security in the same breath?

      MS still manage fewer vulnerabilities than any enterprise alternatives though, be it SUSE, Solaris, Red Hat, OS X, etc. And the most secure enterprise database + OS every year for the last decade has been Windows + SQL Server.

      1. Franklin

        Re: MS & security in the same breath?

        "MS still manage fewer vulnerabilities than any enterprise alternatives though"

        It's 2017, are there still people who think you can simply count the total of vulnerabilities and learn anything meaningful?

        There are vulnerabilities and vulnerabilities. I'll take a dozen local DoS vulnerabilities over one remote code execution any day, kthx.

      2. hplasm
        Facepalm

        Re: MS & security in the same breath?

        Thanks Mr Vogon - I forgot it was opposite day again!

      3. Dwarf

        Re: MS & security in the same breath?

        @TheVogon

        Perhaps not ... See the NIST Vulnerability Database to see who writes the buggiest code.

        Don't forget that this is based on the number of products they provide, so the longest or shortest line isn't necessarily the worst vendor.

        1. TheVogon

          Re: MS & security in the same breath?

          "See the NIST vulnerability database"

          Yes, that's where I would go too, and that site backs up my comments above, so I assume you are agreeing with me. Not sure why you posted a link to number of products per vendor though?

  2. Anonymous Coward

    Almost as good as the shill who posted that WD was not inferior to Kaspersky

    I always wondered if M$ put the vulnerabilities in for their friends in sunglasses but now I've given up and put it down to sheer incompetence.

    1. Richard 12

      Re: Almost as good as the shill who posted that WD was not inferior to Kaspersky

      They will have been honest mistakes, because everybody makes mistakes.

      They have however clearly failed to correct some of their mistakes because of the guys in sunglasses.

      It remains unclear whether the black helicopter told them to leave these alone, or just kept quiet - wrongly thinking that no other malicious actors would ever find the faults.

    2. Anonymous Coward

      Re: Almost as good as the shill who posted that WD was not inferior to Kaspersky

      Yawn........

      See Microsoft in an article and out the M$ comes.....

      Really !!!!!!

      Why is it Linux people feel they have to denigrate Microsoft all the time - I don't like Skoda cars but I don't feel the need to go into every forum where they are mentioned just to slag them off.

      I use Linux because I have to - I don't want to because of the bleatings of the Linux community and the hostility and ridicule noobs get in the forums.

      Sits back in his chair and awaits the diatribe and downvotes - Yawn.....

      1. Baldrickk

        Re: Almost as good as the shill who posted that WD was not inferior to Kaspersky

        I use Windows because I have to; mandated at work, and most of my games don't have *nix support yet.

        I personally would prefer to be able to use a Linux as my primary OS, but that's primarily because I prefer the way it does things. I was perfectly happy to be using Windows 7, but the telemetry, ads, pre-installed "recommended" apps in Windows 10 are an annoyance, at best.

        1. Stevie

          Re: Almost as good as the shill who posted that WD was not inferior to Kaspersky

          Nonono, you can get "all the good games" on Linux. I've been told this many times.

  3. Stevie

    Bah!

    I just built out a new Win 7 Pro machine. Got the rollup to install but now it howls about needing updates to Defender and complains it has never installed an update of any kind.

    If I tell it to go find the updates I get the same 51% CPU wheelspin I had for a year on another Win 7 machine that only cleared when the big Win10 update was pushed out a few months ago.

    I reckon the update telemetry database we all know is secretly in the path is swamped with 24x7 Win10 out-rattage operations.

    1. dhawkshaw

      Re: Bah!

      With a new or re-build of W7, then wsusoffline is most definitely your friend! You'll be fully patched again in no time.

  4. Mikel

    I said this at the time

    It's not a secret that they're running a JavaScript interpreter in a system security context for performance reasons.

    Therefore they are never going to run out of vulnerabilities that allow remote code execution in a system security context.

  5. saif
    Holmes

    "Found on Linux, reproduced on Windows" ?

    This is from the tweet... so Linux now uses Windows Defender, eh? I suppose he might have discovered it using pen-testing software in Linux on a virtualised Windows machine. This illustrates, IMO, why you need OS diversity; so that each can point out the pimples on the other one's nose.
