Major Microsoft Windows Defender flaw discovered by Google employee, patch released right away


By now, it’s obvious that Microsoft is pushing hard to make Windows Defender the standard, go-to security solution for Windows 10. It seems there is still a long way to go, as yet another critical flaw has been found in Windows Defender. The issue was brought to light by Tavis Ormandy, a security engineer for Google.

Google Project Zero

Tavis works at Google under the Project Zero initiative, a task force of sorts which aims to find critical problems within released software. Upon finding critical issues with the software, the software developer/vendor is contacted and asked to fix the problem.

After that, Project Zero gives the vendor 90 days to fix the problem. If a patch is not released within that period, Google’s task force will take matters into its own hands and make the issue public, in service of the vendor’s customers, who need to be informed about the major problem or problems found in the software they pay for.

Already on the job

There was no need for the second part of the process this time, as Microsoft has already released a patch for the security vulnerability.

As for the actual vulnerability, the x86 emulator in Windows Defender was not sandboxed, which may have made matters worse, and the emulator was also affected by a bug. Ormandy contacted Microsoft directly to ask about its decision to expose the apicall instruction. Here is Ormandy’s account of the exchange, including Microsoft’s response:

“I discussed Microsoft’s ‘apicall’ instruction that can invoke a large number of internal emulator apis and is exposed to remote attackers by default in all recent versions of Windows. I asked Microsoft if this was intentionally exposed, and they replied ‘The apicall instruction is exposed for multiple reasons’, so this is intentional”

Windows Defender update

As previously mentioned, the problem has already been patched, but users still need to apply the patch. For those trying to figure out whether or not they have the latest patch which contains the fix, that patch updates the Malware Protection Engine to version The current version installed on a PC can be checked in the Windows Defender section in Windows, which is under Update & Security.
