Windows Defender update patches severe remote code execution bugs

By: Madeleine Dean
2 minute read
Windows Defender update

If Windows Defender is your main antivirus tool, make sure that you’re running the latest definition updates (1.1.14700.5) on your machine. Microsoft just patched a severe remote code execution bug that could allow hackers to take control over your computer.

The Redmond giant preferred to deploy the patch as soon as possible and not wait until April Patch Tuesday in order to nip remote code execution attempts in the bud.

As Microsoft explains, the root-cause for this vulnerability is an incomplete Malware Protection Engine scan that fails to detect the threat. This security vulnerability was initially discovered by the Google Project Zero team.

A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leading to memory corruption. An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem account and take control of the system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.

The latest Windows Defender update fixes this vulnerability by correcting the way in which Windows 10’s Malware Protection Engine scans specially crafted files.

There are many way attackers could take control over your machine. As Microsoft explains, hackers could push specially crafted files to your computer when your access a website. At the same time, attackers could send malware-infected files via email or instant messaging apps.

Websites that host user-provided content are the perfect vehicle for spreading malicious software that take advantage of this Windows Defender vulnerability.

End users don’t need to take any action to install the update as the automatic detection and update deployment will apply it within 48 hours of release.

For more information, check out Microsoft’s Security TechCenter.

RELATED STORIES TO CHECK OUT:

For various PC problems, we recommend this tool.

This software will repair common computer errors, protect you from file loss, malware, hardware failure and optimize your PC for maximum performance. Fix PC issues now in 3 easy steps:

  1. Download this PC Repair Tool rated "Excellent" on TrustPilot.com.
  2. Click “Start Scan” to find Windows issues that could be causing PC problems.
  3. Click “Repair All” to fix all issues with Patended Technologies (requires upgrade).

Discussions

Next up

Best Windows 10 antivirus software to use in 2018

By: Radu Tyrsina
7 minute read

Update – 2018 will soon come to an end and we already have a guide on what is the best antivirus you should get in […]

Continue Reading

These features are out for good with Windows 10 version 1809

iamsovy@gmail.com' By: Sovan Mandal
2 minute read

Microsoft is all set to launch its next big update, Windows 10 version 1809 in October. While that should be a nice piece of news […]

Continue Reading

Windows 10 18H2 builds no longer receive new features

By: Matthew Adams
3 minute read

The Windows 10 October 2018 Update (otherwise 18H2) rollout might now be two to three weeks away. For the last few months, new build previews […]

Continue Reading