Microsoft Fixes Windows Defender Zero-Day Bug

  • Microsoft has patched a zero-day bug in Windows Defender being actively exploited in the wild, as part of its regular monthly update round.

    The first Patch Tuesday of 2021 featured fixes for 83 vulnerabilities in Windows OS, Edge, Office, Visual Studio, .NET Core, .NET Repository, ASP .NET, Azure, Malware Protection Engine and SQL Server.

    Remote code execution bug CVE-2021-1647 is the most urgent, according to Chris Goettl, director of product management for security products at Ivanti. He recommended organizations ensure their Microsoft Malware Protection Engine is version 1.1.17700.4 or higher.

    “Microsoft frequently updates malware definitions and the malware protection engine and has already pushed the update to resolve the vulnerability,” Goettl explained.

    “For organizations that are configured for automatic updating no action should be required, but one of the first actions a threat actor or malware will try to attempt is to disrupt threat protection on a system so definition and engine updates are blocked.”
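A check for the engine version Goettl cites and for the blocked-update condition he describes, as an added PowerShell example that is not from the article or from Microsoft. The function name `Test-DefenderEngine`, the three-day signature-age threshold and the sample object are assumptions made for illustration.

```powershell
# Added example: flag a host whose Defender engine predates the CVE-2021-1647 fix
# or whose protection and update state looks disrupted.
$MinEngine  = [version]'1.1.17700.4'  # minimum engine version quoted in the article
$MaxAgeDays = 3                       # assumption: local threshold for stale definitions

function Test-DefenderEngine {        # hypothetical helper name
    param(
        [Parameter(Mandatory)] $Status,       # object shaped like Get-MpComputerStatus output
        [version] $Minimum = $MinEngine,
        [int] $MaxSignatureAge = $MaxAgeDays
    )
    $findings = @()
    $engine = $null
    # A disabled or broken engine can report an empty or unparsable version string.
    if (-not [version]::TryParse([string]$Status.AMEngineVersion, [ref]$engine)) {
        $findings += "Engine version unreadable: '$($Status.AMEngineVersion)'"
    } elseif ($engine -lt $Minimum) {
        $findings += "Engine $engine is older than $Minimum"
    }
    if (-not $Status.AMServiceEnabled)          { $findings += 'Antimalware service is disabled' }
    if (-not $Status.RealTimeProtectionEnabled) { $findings += 'Real-time protection is disabled' }
    # Stale definitions suggest updates are being blocked, even on auto-updating hosts.
    if ($Status.AntivirusSignatureAge -gt $MaxSignatureAge) {
        $findings += "Definitions are $($Status.AntivirusSignatureAge) days old"
    }
    [pscustomobject]@{
        EngineVersion = $Status.AMEngineVersion
        Compliant     = ($findings.Count -eq 0)
        Findings      = $findings
    }
}

# Constructed sample: an outdated engine with week-old definitions.
$sample = [pscustomobject]@{
    AMEngineVersion           = '1.1.17600.5'
    AMServiceEnabled          = $true
    RealTimeProtectionEnabled = $true
    AntivirusSignatureAge     = 7
}
Test-DefenderEngine -Status $sample | Format-List

# On a host with the Defender module available, evaluate the live state as well.
if (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue) {
    Test-DefenderEngine -Status (Get-MpComputerStatus) | Format-List
}
```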

    Another CVE high up the priority list this month is CVE-2021-1648, a bug in the Windows splwow64 service that could enable an attacker to elevate their privilege level. Although publicly disclosed last month, it is not thought to have been exploited yet.

    Experts also highlighted CVE-2021-1666 as worthy of attention: the flaw in Microsoft’s GDI+ component impacts the unsupported Windows 7 and Windows Server 2008 products, as well as more recent versions.

    Allan Liska, senior security architect at Recorded Future, also flagged CVE-2021-1709, an elevation of privilege vulnerability in the Win32 kernel. The bug, which affects Windows 8-10 and Windows Server 2008-2019, should be prioritized in spite of its “Important” rating, he argued.

    “Unfortunately, this kind of vulnerability is typically swiftly exploited by attackers,” Liska warned. “For instance, CVE-2019-1458 was announced on December 10 2019, and by December 19 an attacker was seen providing an exploit for the vulnerability on underground markets.”

    Elsewhere, Adobe released fixes for vulnerabilities in its Adobe Bridge, Captivate, InCopy, Campaign Classic, Animate, Illustrator and Photoshop products. There was also a critical Mozilla Thunderbird update.