Microsoft appears to have patched a security flaw in the Windows Defender that was circulating exploits on the internet.
The remote code execution vulnerability in Microsoft Defender (CVE-2021-1647) turned the Windows security application into an attacker, triggering the execution of the malware software when scanning for malware, instead of isolating and deleting it.
This means that if a file is sent via email or a USB drive, the automatic scan will download to your computer, instead of isolating the malware, it will activate it immediately.
Exploit has been fixed in Patch Tuesday of the 12th and was one of 80 defects encountered by Microsoft developers.
To check if you are currently protected, simply check its version number machinescan in the Windows Security application. Open the app and check in Settings – About.
From the release 1.1.17700.4 and above the application is secure.
At least until the next 0day.