Major Microsoft Windows Defender flaw discovered by Google employee, patch released right away

Costea Lestoc By: Costea Lestoc
2 minute read

Home » News » Major Microsoft Windows Defender flaw discovered by Google employee, patch released right away

By now, it’s obvious that Microsoft is pushing hard to make Windows Defender the standard, go-to security solution for Windows 10. It would seem that it’s quite a long way from that still as yet another critical flaw has been found in Windows Defender. The issue was brought to light by Tavis Ormandy, a security engineer for Google.

Google Project Zero

Tavis works at Google under the Project Zero initiative, a task force of sorts which aims to find critical problems within released software. Upon finding critical issues with the software, the software developer/vendor is contacted and asked to fix the problem.

After that, Project Zero gives the vendor 90 days to fix the problem. If a patch is not released in this time period, Google’s task force will take matters into its own hands and make the issue public, in service of the vendor’s customers which need to be informed about the major problem or problems found within the software they pay for.

Already on the job

There was no need for the second part of the initiative to take place this time as Microsoft already released a patch for the security vulnerability.

As for the actual vulnerability, the x86 emulator for Windows Defender was un-sandboxed. This might have impacted it negatively. The emulator was also affected by a bug. Ormandy contacted Microsoft directly to inquire about their decision of exposing the apicall instruction. Here is what the Windows maker had to say in response to Tavis Ormandy:

“I discussed Microsoft’s ‘apicall’ instruction that can invoke a large number of internal emulator apis and is exposed to remote attackers by default in all recent versions of Windows. I asked Microsoft if this was intentionally exposed, and they replied ‘The apicall instruction is exposed for multiple reasons’, so this is intentional”

Windows Defender update

The problem has been already patched, as previously mentioned, but users still need to apply said patch. For those trying to figure out whether or not they have the latest patch which contains the fix, that patch updates the Malware Protection Engine to version 1.1.139.03.0. The current version installed on a PC can be checked in the Windows Defender section in Windows, which is under Update & Security.

RELATED STORIES TO CHECK OUT:

Discussions

Next up

Windows needs activation again? Here’s what to do

John Waibochi avatar. By: John Waibochi
3 minute read

At times, your computer will report that Windows needs activation again, despite it being already activated. This happens across the various versions of Windows 10 […]

Continue Reading

7 best antimalware tools for Windows 10 to block threats in 2019

Elsie Otachi By: Elsie Otachi
7 minute read

As long as you have a computer or smart devices, whether at home or in business, you’ve got to constantly resolve to get rid of […]

Continue Reading

Windows 10 Start Menu lets you remove more pre-installed apps

Rabia Noureen avatar. By: Rabia Noureen
2 minute read

Microsoft is planning to add some major changes to the Start Menu as a part of Windows 10 May 2019 Update coming next month. The […]

Continue Reading