Microsoft has issued an advisory alerting customers of a security update that fixes a vulnerability across all of its antimalware products, including Security Essentials and its Forefront enterprise endpoint suite.
Microsoft said the update is automatically installed with updated malware definitions for affected products. In most cases, the update will be deployed automatically in the next 48 hours with no action required of enterprise administrators, Microsoft said.
"Administrators of enterprise installations should follow their established internal processes to ensure the definition and engine updates are approved in their update management software, and that clients consume the updates accordingly," Microsoft said in its advisory.
Microsoft antimalware software affected by the vulnerability includes Microsoft Windows Live OneCare, Microsoft Security Essentials, Microsoft Windows Defender, Microsoft Forefront Client Security, Microsoft Forefront Endpoint Protection 2010 and the Microsoft Malicious Software Removal Tool (MSRT).
An update fixing the vulnerability in the MSRT will be issued March 8, Microsoft said, noting that updating the tool is a lower priority since an attacker cannot exploit the vulnerability by running MSRT manually.