Microsoft appears to have patched a security flaw in Windows Defender that was released exploit on the Internet.
Η vulnerability implementationof remote code in Microsoft Defender (CVE-2021-1647) turned the Windows security application into an intruder, triggering malware when scanning for malware, instead of isolating and deleting it.
This means that if a archive σταλεί μέσω email ή μέσω κάποιου USB drive, κατέβει στον υπολογιστή σας η αυτόματη σάρωση, αντί να απομονώσει το κακόβουλο software will activate it immediately.
Exploit has been fixed in Patch Tuesday of the 12th and was one of 80 defects encountered by Microsoft developers.
To check if you are currently protected, simply check the scan engine version number in Windows Security. Open the application and check in Settings - About.
From the release 1.1.17700.4 and above the application is secure.
At least until the next 0day.