Serious hole in Windows Defender and Other major Applications

Posted on May 11 2017

Google Project Zero posted a serious vulnerability in Windows Defender and only 24 hours later, in record time, Microsoft has released a fix to this problem.

Being named “the worst remote code execution error in Windows of recent times”. The security bug was present in the Microsoft Malware Protection Engine (MMPE), the antivirus engine offered by Windows that is built in to the operating system.

It wasn't just Windows Defender that had this major issue, some other Microsoft software titles were affected as well. The complete list is as follows:

  • Windows Defender
  • Windows Intune Endpoint Protection
  • Microsoft Security Essentials
  • Microsoft System Center Endpoint Protection
  • Microsoft Forefront Security for SharePoint
  • Microsoft Endpoint Protection
  • Microsoft Forefront

Windows Defender is the antivirus that is activated by default in Windows 7, 8.1, RT 8.1, and Windows 10, in addition to Windows Server 2016. That makes all users with some of these versions installed, vulnerable to this serious hole in Security. 

Microsoft Released an Emergency Fix May 8th and detailed here on their website: https://technet.microsoft.com/en-us/library/security/4022344

If you have not updated your system since May 8th, it would be advisable to run your updates ASAP. This is a nasty bug that can self replicate and cause major issues. 

 

 

Recent Posts