Microsoft Fixes Windows Defender Zero-Day Bug
Microsoft has patched a zero-day bug in Windows Defender being actively exploited in the wild, as part of its monthly update round.
The first Patch Tuesday of 2021 featured fixes for 83 vulnerabilities in Windows OS, Edge, Office, Visual Studio, .Net Core, .Net Repository, ASP .Net, Azure, Malware Protection Engine and SQL Server.
Remote code execution bug CVE-2021-1647 is the most urgent, according to Chris Goettl, director of product management for security products at Ivanti. He recommended organizations ensure their Microsoft Malware Protection Engine is version 1.1.17700.4 or higher.
“Microsoft frequently updates malware definitions and the malware protection engine and has already pushed the update to resolve the vulnerability,” Goettl explained.
“For organizations that are configured for automatic updating no actions should be required, but one of the first actions a threat actor or malware will try to attempt is to disrupt threat protection on a system so definition and engine updates are blocked.”
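A local check for the engine version Goettl cites, as an added example that is not from the article or from Microsoft. It reads fields reported by `Get-MpComputerStatus` and also flags disabled protection and stale definitions, since blocked updates are the failure he describes; the three-day staleness threshold and the sample records are assumptions.

```powershell
# Added example. The minimum engine version is the one quoted in the article.
$MinEngine = [version]'1.1.17700.4'

function Test-DefenderEngine {
    param(
        [Parameter(Mandatory)] $Status,      # object shaped like Get-MpComputerStatus output
        [string] $Computer = $env:COMPUTERNAME,
        [int] $MaxSignatureAgeDays = 3       # assumed threshold, set per local policy
    )
    $findings = @()
    $engine = $null
    # AMEngineVersion is a string; it can be empty or 0.0.0.0 when the engine is not running.
    if (-not [version]::TryParse([string]$Status.AMEngineVersion, [ref]$engine)) {
        $findings += 'engine version unreadable'
    } elseif ($engine -lt $MinEngine) {
        $findings += "engine $engine is below $MinEngine"
    }
    if (-not $Status.AMServiceEnabled)          { $findings += 'antimalware service not enabled' }
    if (-not $Status.RealTimeProtectionEnabled) { $findings += 'real-time protection off' }
    if ($Status.AntivirusSignatureAge -gt $MaxSignatureAgeDays) {
        $findings += "definitions are $($Status.AntivirusSignatureAge) days old"
    }
    [pscustomobject]@{
        Computer = $Computer
        Engine   = $Status.AMEngineVersion
        Ok       = ($findings.Count -eq 0)
        Findings = $findings -join '; '
    }
}

# Constructed sample records (not real hosts) so the logic runs offline.
$samples = @(
    [pscustomobject]@{ Name = 'HOST-A'; AMEngineVersion = '1.1.17700.4'; AMServiceEnabled = $true
                       RealTimeProtectionEnabled = $true; AntivirusSignatureAge = 0 }
    [pscustomobject]@{ Name = 'HOST-B'; AMEngineVersion = '1.1.17600.5'; AMServiceEnabled = $true
                       RealTimeProtectionEnabled = $true; AntivirusSignatureAge = 21 }
    [pscustomobject]@{ Name = 'HOST-C'; AMEngineVersion = '0.0.0.0'; AMServiceEnabled = $false
                       RealTimeProtectionEnabled = $false; AntivirusSignatureAge = 0 }
)
foreach ($s in $samples) { Test-DefenderEngine -Status $s -Computer $s.Name }

# On a live Windows host:
# Test-DefenderEngine -Status (Get-MpComputerStatus)
```

HOST-A passes; HOST-B and HOST-C are reported with `Ok = False` and the reasons listed in `Findings`.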
Another CVE high up the priority list this month is CVE-2021-1648, a bug in the Windows splwow64 service that could allow an attacker to elevate their privilege level. Although it was publicly disclosed last month, it isn’t thought to have been exploited yet.
Experts also highlighted CVE-2021-1666 as worthy of attention: the flaw in Microsoft’s GDI+ component impa ..