Jump to content

Recommended Posts

Posted

ARS Technica published the following alert regarding Microsoft's Windows Defender:

 

Massive vulnerability in Windows Defender leaves most Windows PCs vulnerable
PCs can be compromised when Defender scans an e-mail or IM; patch has been issued.

SEBASTIAN ANTHONY (UK) - 5/9/2017, 8:20 PM

 

Microsoft on Monday patched a severe code-execution vulnerability in the malware protection engine that is used in almost every recent version of Windows (7, 8, 8.1, 10, and Server 2016), just three days after it came to its attention. Notably, Windows Defender is installed by default on all consumer-oriented Windows PCs.

The exploit (officially dubbed CVE-2017-0290) allows for a remote attacker to take over a system without any interaction from the system owner: it's simply enough for the attacker to send an e-mail or instant message that is scanned by Windows Defender. Likewise, anything else that is automatically scanned by Microsoft's malware protection engine—websites, file shares—could be used as an attack vector. Tavis Ormandy, one of the Google Project Zero researchers who discovered the flaw, warned exploits were "wormable," meaning they could lead to a self-replicating chain of attacks that moved from vulnerable machine to vulnerable machine.

 

To check whether your Windows PC has been updated, head to "Windows Defender settings" and note the Engine version number. 1.1.13704.0 or higher means you've been patched.

 

 

Note: Installing 3rd-party Anti-Virus/Security Suite will sometime replace and disable Microsoft's Windows Defender software, as the 3rd-party software is working as a replacement. 

Posted

Thanks for the reminder.

That was quick. Just yesterday read about the problem detected by the Google gurus.

Mine is patched.

 

9 hours ago, ukrules said:

Windows defender : Never used it

Only use this,

Never used any 3rd party scanners.

When following the article about this problem the site pointed me to a long list of severe Kaspersky and Symantec/McAfee security issues.

 

BTW: yesterday was MS patchday anyway (2nd Tuesday).

Got some patches and a reboot.

Posted (edited)

I use Defender for the firewall, but my anti-virus is a third-party app.

I just checked Defender settings, and my Engine version is blank.  So I'm guessing this vulnerability is in Defender Antivirus only.

 

I'm running Windows 10.  I tried installing a third-party firewall back when I first set it up, but after a day or so lost patience with it and stuck with Defender.  Anyone out there using a different firewall with Win 10?  Please don't reply with "try ____"

 

 

 

Edited by bendejo

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Recently Browsing   0 members

    • No registered users viewing this page.



×
×
  • Create New...