Home
Laptops
Laptops News
Microsoft Fixes Critical Windows 10 Security Flaw Affecting Windows Defender

Microsoft Fixes Critical Windows 10 Security Flaw Affecting Windows Defender 725cc

By Jagmeet Singh | Updated: 4 April 2018 18:25 IST

Highlights

Microsoft has rolled out security updates
The updates patches critical remote execution vulnerability
It majorly affects Windows Defender on Windows and Windows Server

ment

Windows Defender on Windows and Windows Server platforms. The issue, listed as CVE2018-0986, exists within Microsoft Malware Protection Engine also impacts Microsoft Security Essentials, Microsoft Forefront EndPoint Protection 2010, Microsoft Exchange Server 2013 and 2016, and Windows Intune Endpoint Protection. Enterprise s and end s will not be required to install updates manually as there are built-in tools to automatically deploy the updates within 48 hours of their release. 251s5i

The new updates aren't a part of Microsoft's monthly security update phase. However, it tightens security across various Windows platforms, including Windows Server 2012. "An attacker who successfully exploited this vulnerability could execute arbitrary code in the security context of the LocalSystem and take control of the system. An attacker could then install programs; view, change, or delete data; or create new s with full rights," the company wrote while describing the vulnerability on its Security TechCenter.

Microsoft points out that there are "many ways" that a specially crafted file can be placed by the attacker. Moreover, it could be delivered via a website, email, or an instant messenger message or even through a site that accepts or host -provided content.

"If real-time scanning is not enabled, the attacker would need to wait until a scheduled scan occurs in order for the vulnerability to be exploited. All systems running an affected version of antimalware software are primarily at risk," Microsoft notes.

The security updates essentially correct the manner in which the Microsoft Malware Protection Engine scans specially crafted files. Further, the vulnerable Microsoft Malware Protection Engine version 1.1.14600.4 has been updated to version 1.1.14700.5.

Comments

For the latest reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.