Microsoft Patches Inhouse AV (CVE 2017-11937)

Mon, Dec 11, 2017

If you use Windows, make sure you get this patch installed. Specially crafted files can trigger a memory corruption when being scanned by the Microsoft AV suite (defender, security essentials) and execute code as LocalSystem user. So you can exploit AV by having it scan your file. Classy!