
MS Security Advisory 4022344: RCE in Windows Defender - rdl
https://technet.microsoft.com/en-us/library/security/4022344
======
Analemma_
It sounds a bit counterintuitive, but for me this just confirms that you
should only be running Microsoft's AV software and avoiding all that
third-party crap like the plague. This bug was more subtle than the ones
Tavis has found in the third-party products, and Microsoft responded
immediately with a fix instead of giving them the runaround.

------
modeless
"To be clear, this is an unsandboxed and highly privileged JavaScript
interpreter that is used to evaluate untrusted code, by default on all modern
Windows systems. This is as surprising as it sounds."

[https://bugs.chromium.org/p/project-zero/issues/detail?id=12...](https://bugs.chromium.org/p/project-zero/issues/detail?id=1252)

~~~
Clownshoesms
Why on earth?? I don't get why the engine would be executing JavaScript, even
if it were sandboxed, in the first place? That doesn't sound sensible.

------
rdl
This was the vulnerability found by Tavis and Natashenka from P0:
[https://twitter.com/taviso/status/860679110728622080](https://twitter.com/taviso/status/860679110728622080)

Impressive that Microsoft patched within 3 days.

~~~
jvehent
It always depends on the vulnerability, but most major organizations are able
to patch critical issues in less than 24 hours. That's the result of improving
continuous integration and release engineering pipelines to the extreme.

The real issue is getting 100% of users to download and apply the patches. We
haven't solved that one yet.

