RichCor Posted May 9, 2017 Share Posted May 9, 2017 ARS Technica published the following alert regarding Microsoft's Windows Defender: Massive vulnerability in Windows Defender leaves most Windows PCs vulnerablePCs can be compromised when Defender scans an e-mail or IM; patch has been issued. SEBASTIAN ANTHONY (UK) - 5/9/2017, 8:20 PM Microsoft on Monday patched a severe code-execution vulnerability in the malware protection engine that is used in almost every recent version of Windows (7, 8, 8.1, 10, and Server 2016), just three days after it came to its attention. Notably, Windows Defender is installed by default on all consumer-oriented Windows PCs. The exploit (officially dubbed CVE-2017-0290) allows for a remote attacker to take over a system without any interaction from the system owner: it's simply enough for the attacker to send an e-mail or instant message that is scanned by Windows Defender. Likewise, anything else that is automatically scanned by Microsoft's malware protection engine—websites, file shares—could be used as an attack vector. Tavis Ormandy, one of the Google Project Zero researchers who discovered the flaw, warned exploits were "wormable," meaning they could lead to a self-replicating chain of attacks that moved from vulnerable machine to vulnerable machine. To check whether your Windows PC has been updated, head to "Windows Defender settings" and note the Engine version number. 1.1.13704.0 or higher means you've been patched. Note: Installing 3rd-party Anti-Virus/Security Suite will sometime replace and disable Microsoft's Windows Defender software, as the 3rd-party software is working as a replacement. Link to comment Share on other sites More sharing options...
ukrules Posted May 9, 2017 Share Posted May 9, 2017 Windows defender : Never used it Link to comment Share on other sites More sharing options...
KhunBENQ Posted May 10, 2017 Share Posted May 10, 2017 Thanks for the reminder. That was quick. Just yesterday read about the problem detected by the Google gurus. Mine is patched. 9 hours ago, ukrules said: Windows defender : Never used it Only use this, Never used any 3rd party scanners. When following the article about this problem the site pointed me to a long list of severe Kaspersky and Symantec/McAfee security issues. BTW: yesterday was MS patchday anyway (2nd Tuesday). Got some patches and a reboot. Link to comment Share on other sites More sharing options...
bendejo Posted May 11, 2017 Share Posted May 11, 2017 I use Defender for the firewall, but my anti-virus is a third-party app. I just checked Defender settings, and my Engine version is blank. So I'm guessing this vulnerability is in Defender Antivirus only. I'm running Windows 10. I tried installing a third-party firewall back when I first set it up, but after a day or so lost patience with it and stuck with Defender. Anyone out there using a different firewall with Win 10? Please don't reply with "try ____" Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.