Two critical Windows vulnerabilities discovered by the NCSC (National Cyber Security Centre), the cyber arm of Britain's spy agency GCHQ, could have allowed cybercriminals to hack PCs running Windows 10. The NCSC reportedly discovered the bugs during a probe into Microsoft's antivirus.
The vulnerabilities affected Microsoft's Malware Protection Engine, the core Windows Defender program. ZDNet reported that the bugs appear to be in the same classification as the "crazy bad" wormable Windows zero-day flaw that was discovered by Google's Project Zero researchers in May.
"An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights," Microsoft said in a statement.
Hackers could have exploited the bugs either by luring targets to a malicious website or by sending a specially crafted file via email or instant message.
"If the affected antimalware software has real-time protection turned on, the Microsoft Malware Protection Engine will scan files automatically, leading to exploitation of the vulnerability when the specially crafted file is scanned. If real-time scanning is not enabled, the attacker would need to wait until a scheduled scan occurs in order for the vulnerability to be exploited. All systems running an affected version of antimalware software are primarily at risk," Microsoft said.
Fortunately, the flaws have not been exploited in the wild as they weren't publicly disclosed. Microsoft has already rolled out updates to fix the two flaws, which the firm identified as CVE-2017-11937 and CVE-2017-11940.