We typically rely on security software to protect our systems from viruses and malware. We trust these programs enough that we leave them running in the background, scanning every file received for potential danger.
But what if the very system that’s supposed to protect your machine can itself be exploited?
Ironically, that’s what Microsoft patched recently with another round of emergency out-of-band updates for Windows Defender’s Malware Protection Engine.
Are you affected?
The two vulnerabilities, CVE-2017-11937 and CVE-2017-11940, affect Windows Defender and Microsoft Essentials for all supported Windows machines, as well as Endpoint Protection, Forefront Endpoint Protection, and Exchange Server 2013 and 2016.
As with another Windows Defender security flaw discovered earlier this year, these flaws are triggered when the malware protection engine scans a specially crafted file. Hackers can then use them to run code and remotely take over your PC.
This means if someone sends a poisoned file via email or instant message, all it takes is for Windows Defender (which is supposed to protect your system) to scan it for the attack to execute.
The flaw can likewise be exploited via file sharing, websites, downloads – anything that is automatically scanned by Windows Defender.
Thankfully, the flaws have not been revealed publicly and Microsoft said that they have not been exploited in the wild.
Make sure you have your PC set to receive automatic updates. This is another reason why it’s important that you do not disable this critical security system setting.