When this security advisory was issued, had this vulnerability been publicly disclosed? Microsoft received information about this vulnerability through coordinated vulnerability disclosure.
When this security advisory was issued, had Microsoft received any reports that this vulnerability was being exploited? Microsoft had not received any information to indicate that this vulnerability had been publicly used to attack customers when this security advisory was originally issued.
An attacker who successfully exploited this vulnerability could prevent the Microsoft Malware Protection Engine from monitoring affected systems until the specially crafted file is manually removed and the service is restarted.
The Microsoft Malware Protection Engine ships with several Microsoft antimalware products.
If real-time scanning is not enabled, the attacker would need to wait until a scheduled scan occurs in order for the vulnerability to be exploited.