Microsoft has issued an update for the Microsoft Malware Protection Engine, addressing a security vulnerability that could allow remote code execution if one of Microsofts anti-virus products scans a boobytrapped file. The vulnerability was found by Tavis Ormandy and Natalie Silvanovich, two researchers in Google’s Project Zero team. The risk is that an attacker could deliberately send a malicious file which exploits the vulnerability to a computer, whether it be via email, instant messaging or a web browser link.”]

