Windows 10: Latest security patch fixes a zero-day vulnerability

January 14, 2021

By Kim Komando

Microsoft and other tech companies regularly release updates and security patches for their software. This not only ensures that you get the latest features but also keeps your devices protected.

Vulnerabilities in software can be exploited by hackers, leading to personal information being stolen. In severe cases, your device and all its files can be held for ransom. Tap or click here for the secret behind ransomware attacks that hackers don’t want you to know.

Your first line of defense against cyberattacks, whether it’s malware or intrusions, is by having reputable antivirus software. Windows 10 comes pre-installed with Microsoft Defender and aims to root out any suspicious activity on your system. But a new zero-day flaw has been found, putting your system in jeopardy.

Zero-Day vulnerabilities

Microsoft Defender protects you from known threats if you don’t have a paid subscription to antivirus software. But when a zero-day vulnerability is discovered, it raises severe alarm bells.

That’s why Microsoft just released a security patch, to fix a zero-day flaw. Microsoft has started to push the update to users, as it hurries to fix the identified CVE-2021-1647 threat.

RELATED: Make 2021 the year you protect your family and your home

Hackers have already exploited the remote code execution (RCE) bug that was detected within the Microsoft Defender software. The bug helps cybercriminals trick users into opening a file that contains malicious code. That code can be anything from malware to ransomware.

Loss of security confidentiality

Detailed in the patch documentation, Microsoft highlights that no further action is necessary after the update has been installed. The security patch for this and 82 other issues are all contained within the Microsoft Malware Protection Engine.

“The default configuration in Microsoft antimalware software helps ensure that malware definitions and the Microsoft Malware Protection Engine are kept up to date automatically,” patch notes state.

RELATED: Got new tech? Lock it down now before it’s too late

Analyses for the bug revealed that while the attack complexity and privileges are low, the confidentiality has been marked as high. Microsoft notes, “There is a total loss of confidentiality, resulting in all resources within the impacted component being divulged to the attacker.”

How to update Windows

Keeping your system update to date with the latest software releases are critically important. Here is how you can check for updates and download the latest patches:

For added peace of mind, set Microsoft Defender to periodically check for threats.

Also, make sure that any other antivirus software that you use is updated regularly. It’s one of the best ways to stay ahead of criminals. Tap or click here for the best antivirus options for PC or Mac.

https://www.komando.com/tips/windows/windows-defender-security-patch/