British security agency finds flaw in Microsoft Windows system
The NCSC found the vulnerability when it was reviewing antivirus solutions after concerns about a Russian antivirus software, which was allegedly involved in cyber-spying operations, according to the report on a Romanian website on the information technology industry and software.
The security flaw is described as a remote code execution bug that would allow an attack to take full control of an unpatched system. An unpatched system is an old system with its security not updated and so vulnerable to viruses and other attacks.
The vulnerability could be exploited if malicious files are used on the target computer during the scanning of a computer system with real-time protection turned on.
Microsoft is now working with the British agency to have this patched by updating its malware protection engine with the latest version that is capable of removing the bug, the report said. ■