Microsoft Scrambles to Patch Windows Defender Vulnerability

Microsoft Security Programs Compromised Due to Security Gap

New reports confirmed Microsoft’s security programs, including Windows Defender, are suffering from a major security vulnerability.  The security gap is within the Microsoft Malware Protection Engine (MMPE), and if it goes unpatched, it will allow hackers to do significant damage.  In order for the vulnerability to be exploited, hackers must do the following:

  • Identify a computer that has the vulnerability.
  • Get the user to download a special file on this device.  This may be done through instant messaging portals, email, injecting JavaScript into a website, etc.
  • Once the user downloads the file, the hacker can install malware, delete files, steal data within the system, etc.

So, this isn’t exactly a one trick pony.  There are a few hoops the hackers would need to jump through to get to their end goal.  However, it’s not impossible.

Hoops or not, the severity of the problem escalated significantly due to the role the MMPE plays within each Microsoft security program.  This particular malware engine is responsible for the scanning, detection, and cleaning component within several Microsoft anti-virus and anti-spyware programs, including:

  • Windows Defender
  • Microsoft Security Essentials
  • Microsoft Endpoint Protection
  • Windows Intune Endpoint Protection
  • Microsoft Forefront Endpoint Protection

Getting the Update

Microsoft has claimed the users of these programs do not need to do anything.  They have issued a patch for the security gap, which should automatically be applied.  Windows systems with the engine version 1.1.14700.5 or later are protected from the vulnerability.  If you would like, the engine version on consumer versions of Windows may be verified by following the instructions below:

  • Windows 10: Type “Settings” into the search bar at the bottom of your screen.  Go to Update & Security, then select Windows Defender.
  • Windows 8: Tap on the Windows key to open the Start Menu. Type Windows Defender and select the result. Select “Help”, then click the “About” in the program window.
  • Windows 7: Open the Start Menu with a click. Type Windows Defender and load the result. Select “Help”, then click “About”.

If you are running an earlier version, you are encouraged to update.  All Windows Defender updates take place through your Windows Update feature.  Therefore, if you have Windows Update disabled, the updates have likely not taken place.  In order to manually update, tap the Windows key on your keyboard, then type “Windows Update” and press the “Enter” key.  From there, click on the “Check for Updates” button.  If updates are needed, follow the prompts.

Note: All users who are running a third-party security solution and have Windows Defender disabled are NOT impacted by this vulnerability.
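On systems that have the Defender PowerShell module, the version check described above can be scripted instead of clicking through Help > About. This is an added example, not part of the original article or Microsoft's guidance; the function names `Test-EnginePatched` and `Get-EngineStatus` are hypothetical, and it assumes the module's `Get-MpComputerStatus` cmdlet and its `AMEngineVersion` and `AMServiceEnabled` properties.

```powershell
# Added example: compare the local Malware Protection Engine version with the
# patched version named in the article (1.1.14700.5).
$PatchedEngine = [version]'1.1.14700.5'

function Test-EnginePatched {
    param(
        [Parameter(Mandatory)] [string] $EngineVersion,
        [version] $Minimum = $PatchedEngine
    )
    # Cast to [version] so each field compares numerically. Compared as plain
    # strings, '1.1.9999.0' would wrongly sort after '1.1.14700.5'.
    return ([version]$EngineVersion) -ge $Minimum
}

function Get-EngineStatus {
    # The cmdlet is not present on older systems such as Windows 7;
    # use Help > About in the Defender window there.
    if (-not (Get-Command Get-MpComputerStatus -ErrorAction SilentlyContinue)) {
        return [pscustomobject]@{ Status = 'Unknown'; Engine = $null
            Detail = 'Defender cmdlets not available; check Help > About' }
    }
    try {
        $mp = Get-MpComputerStatus -ErrorAction Stop
    } catch {
        return [pscustomobject]@{ Status = 'Unknown'; Engine = $null
            Detail = $_.Exception.Message }
    }
    # Defender is switched off when a third-party product is active; the
    # article notes those systems are not impacted.
    if (-not $mp.AMServiceEnabled) {
        return [pscustomobject]@{ Status = 'DefenderDisabled'
            Engine = $mp.AMEngineVersion
            Detail = 'Defender service not running on this machine' }
    }
    if (Test-EnginePatched -EngineVersion $mp.AMEngineVersion) {
        return [pscustomobject]@{ Status = 'Patched'
            Engine = $mp.AMEngineVersion
            Detail = "Engine is at or above $PatchedEngine" }
    }
    return [pscustomobject]@{ Status = 'NeedsUpdate'
        Engine = $mp.AMEngineVersion
        Detail = "Engine is below $PatchedEngine; run Windows Update" }
}

Get-EngineStatus
```

A `NeedsUpdate` result usually means Windows Update is disabled or failing on that machine, which is the case the manual update steps above address.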
