Recently a Google researcher highlighted “the worst Windows remote code execution vulnerability” in recent memory on Twitter. While this may sound a bit irresponsible to do so when Microsoft hasn’t had a patch ready, Microsoft has acted and fixed this vulnerability now.
Attack works against a default install, don't need to be on the same LAN, and it's wormable. 🔥
— Tavis Ormandy (@taviso) May 6, 2017
The updated version of Windows Defender on Windows 7, Windows 8.1 and Windows 10 comes with this vulnerability fixed. You need to open Windows Defender on your PCs and check for updates. Once updated,just confirm whether Defender Engine version is same or more recent than Version 1.1.13704.0. You can check Defender version by going to “About Windows Defender” from menu.
| References | Identification |
| Last version of the Microsoft Malware Protection Engine affected by this vulnerability | Version 1.1.13701.0 |
| First version of the Microsoft Malware Protection Engine with this vulnerability addressed | Version 1.1.13704.0 |
Read more about this vulnerability below,
Microsoft is releasing this security advisory to inform customers that an update to the Microsoft Malware Protection Engine addresses a security vulnerability that was reported to Microsoft.
The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system.
The Microsoft Malware Protection Engine ships with several Microsoft antimalware products. See the Affected Software section for a list of affected products. Updates to the Microsoft Malware Protection Engine are installed along with the updated malware definitions for the affected products. Administrators of enterprise installations should follow their established internal processes to ensure that the definition and engine updates are approved in their update management software, and that clients consume the updates accordingly.
Typically, no action is required of enterprise administrators or end users to install updates for the Microsoft Malware Protection Engine, because the built-in mechanism for the automatic detection and deployment of updates will apply the update within 48 hours of release. The exact time frame depends on the software used, Internet connection, and infrastructure configuration.
Read even more by clicking here.
