The bug (CVE-2017-0290), tagged as “crazy bad” by the researchers, was present in the Microsoft Malware Protection Engine, a software component that powers various anti-malware products, including MS Security Essentials and the built-in Windows Defender tool in different Windows versions.
You can read more in the security advisory issued by Microsoft.
A tweet from Google security researcher Tavis Ormandy surfaced a couple of days before Microsoft’s Patch Tuesday, scheduled for May 9. In the tweet, posted on May 6, Ormandy highlighted a remote code execution bug in Microsoft Windows.
The critical vulnerability, described as “crazy bad”, was discovered by two Project Zero researchers, Natalie Silvanovich and Tavis Ormandy.
Few details were revealed in the initial tweet. However, Ormandy shared a little more in a later tweet.
According to him, the attack works on the default Windows installation, i.e., it doesn’t require any additional software. The attacker doesn’t have to be on the same LAN as the target machine. Also, the bug is “wormable” or self-replicating.
Ormandy mentioned in the tweet that a report would follow soon. The timing of the revelation, so close to Patch Tuesday, fuels speculation that Microsoft has prepared the fix for the remote code execution bug.