Microsoft's virus scanner could create security hole
Auto-fix on the way, says software giant
An obscure fault in Microsoft's Malware Protection Engine could result in a vulnerability when the software performs a virus scan, according to Microsoft's security advisory.
During a scan, the engine fails to process a specially crafted Registry value correctly, reports Heise Online.
This could enable an attacker to elevate their privileges from a restricted account to system level, execute code and from there tamper with data, create new accounts with full user privileges or install programs.
Microsoft says the offending mpengine.dll is part of Windows Live OneCare, Microsoft Security Essentials, Windows Defender, Forefront Client Security, Forefront Endpoint Protection and the Malicious Software Removal Tool.
All versions up to 1.1.6502.0 are vulnerable.
The vulnerability has not been seen in the wild and will be fixed automatically at the next patching opportunity, Microsoft said. Meanwhile, a manual fix can be downloaded from Microsoft's site.