Windows Defender is still exposed to potential remote execution of code
Even if Windows Defender recently received patches, the antivirus is still vulnerable to attack through remote execution flaws.
Windows Defender still open to remote execution of code
It looks like the MsMpEng engine inWindows Defender is still exposed to the potential remote execution of code because of insufficient sandboxing. Security experts warned the company regarding this issue a while ago. Tavis Ormandy from Google is the one who discovered the main bugs from the Microsoft software, and he’s also the one who found the critical bugs in Windows Defender and asked the company to fix them. He said that the antivirus engine needs sandboxing.
Even more sandboxing needed
This is the same problem with the current version of Windows Defender. Even after its latest patches were released by the company, the software still features two vulnerabilities that let a system get hacked.
Microsoft hasn’t released any official statement and this is a little worrying because these reports of the latest vulnerabilities come right after the company rolled out patches for the old ones in this month’s Patch Tuesday – the day when Microsoft addresses security flaws in its latest software.
More details on the new flaws are not available for now. A full report regarding the newest flaws from Windows Defender is also expected as soon as possible. The company might still have a bit of work to do until this subject ends well.
RELATED STORIES TO CHECK OUT:
- Microsoft fixes a Windows Defender remote code execution vulnerability
- Download Windows Defender KB4022344 to stop WannaCry ransomware
- Issues with Windows Defender after installing Windows 10 Creators Update [Fix]
Recent comments on Reddit would suggest that Microsoft is still not playing the game when it comes to collecting data on its users. This is […]
So, you’re still looking for a nice Christmas present for your best friend? Well, if he/she is also a dog lover, look no further. In […]
Oftentimes, there is a rather weird The package could not be registered error message that shows up every time you try to open a .jpg […]