You are here
Home > Latest Posts > Latest News > Microsoft fixes Windows Defender vulnerability highlighted by Google researcher

Microsoft fixes Windows Defender vulnerability highlighted by Google researcher

Recently a Google researcher highlighted “the worst Windows remote code execution vulnerability” in recent memory on Twitter. While this may sound a bit irresponsible to do so when Microsoft hasn’t had a patch ready, Microsoft has acted and fixed this vulnerability now.

The updated version of Windows Defender on Windows 7, Windows 8.1 and Windows 10 comes with this vulnerability fixed. You need to open Windows Defender on your PCs and check for updates. Once updated,just confirm whether Defender Engine version is same or more recent than Version 1.1.13704.0. You can check Defender version by going to “About Windows Defender” from menu.

References Identification
Last version of the Microsoft Malware Protection Engine affected by this vulnerability Version 1.1.13701.0
First version of the Microsoft Malware Protection Engine with this vulnerability addressed Version 1.1.13704.0

Read more about this vulnerability below,

Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft.

The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system.

The Microsoft Malware Protection Engine ships with several Microsoft antimalware products. See the Affected Software section for a list of affected products. Updates to the Microsoft Malware Protection Engine are installed along with the updated malware definitions for the affected products. Administrators of enterprise installations should follow their established internal processes to ensure that the definition and engine updates are approved in their update management software, and that clients consume the updates accordingly.

Typically, no action is required of enterprise administrators or end users to install updates for the Microsoft Malware Protection Engine, because the built-in mechanism for the automatic detection and deployment of updates will apply the update within 48 hours of release. The exact time frame depends on the software used, Internet connection, and infrastructure configuration.

Read even more by clicking here.

Nayan

Nayan has more than 10 years of experience of covering Technology and innovations. He is a big Nokia fan and Tech disruptions aficionado. He loves to review new cool gadgets and writing about Windows, Gadgets and general Technology stuff.
He has been associated with other well-known Tech sites GadgetOx and Nokiapoweruser since long. He currently sports a Lumia 950 XL and Nexus 5X. Other interests include listening to Nu-Metal Hits and Kick-Boxing.

Write to him at Email: [email protected]

https://thewincentral.com
Top