Η Microsoft φαίνεται ότι επιδιόρθωσε ένα κενό ασφαλείας στον Windows Defender που κυκλοφορούσε exploit στο διαδίκτυο.
The remote code execution vulnerability in Microsoft Defender (CVE-2021-1647) turned the Windows security application into an attacker, triggering the execution of the malware during the malware scan, instead of isolating and deletionhis.
This means that if a archive sent via email or via a USB drive, the automatic scan downloads to your computer, rather than isolating the malware software will activate it immediately.
Exploit has been fixed in Patch Tuesday of the 12th and was one of 80 defects encountered by Microsoft developers.
To check if you are currently protected, simply check the scan engine version number in Windows Security. Open the application and check in Settings - About.
From the release 1.1.17700.4 and above the application is secure.
At least until the next 0day.