A vulnerability allows attackers to disable Microsoft’s antimalware products. The vulnerability is located in the Microsoft Malware Protection Engine. It sits at the core of many Microsoft security products for desktops and servers. For home users, the new version should typically download and install automatically within 48 hours, but administrators in enterprise environments should make sure that their update management software is configured to approve the engine updates. Microsoft credited Tavis Ormandy, an information security engineer at Google, with discovering and reporting the vulnerability to the company.”]