Even if Windows Defender recently received patches, the antivirus is still vulnerable to attack through remote execution flaws.
Windows Defender still open to remote execution of code
It looks like the MsMpEng engine inWindows Defender is still exposed to the potential remote execution of code because of insufficient sandboxing. Security experts warned the company regarding this issue a while ago. Tavis Ormandy from Google is the one who discovered the main bugs from the Microsoft software, and he’s also the one who found the critical bugs in Windows Defender and asked the company to fix them. He said that the antivirus engine needs sandboxing.
Even more sandboxing needed
This is the same problem with the current version of Windows Defender. Even after its latest patches were released by the company, the software still features two vulnerabilities that let a system get hacked.
Microsoft hasn’t released any official statement and this is a little worrying because these reports of the latest vulnerabilities come right after the company rolled out patches for the old ones in this month’s Patch Tuesday – the day when Microsoft addresses security flaws in its latest software.
More details on the new flaws are not available for now. A full report regarding the newest flaws from Windows Defender is also expected as soon as possible. The company might still have a bit of work to do until this subject ends well.
RELATED STORIES TO CHECK OUT:
- Microsoft fixes a Windows Defender remote code execution vulnerability
- Download Windows Defender KB4022344 to stop WannaCry ransomware
- Issues with Windows Defender after installing Windows 10 Creators Update [Fix]