Providing Free and Editor Tested Software Downloads

MajorGeeks.com - You want the Geek? You can't handle the Geek!

All In One Tweaks

Antivirus & Malware

Drives (SSD, HDD, USB)

Graphics & Photos

MajorGeeks Windows Tweaks

Office & Productivity

· How To and Tutorials
· Life Hacks and Reviews
· Way Off Base
· MajorGeeks Deals
· News
· Off Base
· Reviews

· YouTube
· Facebook
· Instagram
· Twitter
· Pintrest
· RSS/XML Feeds

· News Blur
· Yahoo
· Symbaloo

· Top Freeware Picks
· Malware Removal
· Geektionary
· Useful Links
· About Us

· Copyright
· Privacy
· Terms of Service
· How to Uninstall

1. GS Auto Clicker

2. Macrium Reflect FREE Edition

3. Smart Defrag

4. Visual C++ Redistributable Runtimes AIO Repack

5. Visual C++ Runtime Installer (All-In-One)

7. McAfee Removal Tool (MCPR)

9. Sergei Strelec's WinPE

10. K-Lite Mega Codec Pack

How to Disable 1-Click Ordering on Amazon (and Avoid Surprise Charges)

How to Fix Shallow Paint Layer Depth in Bambu Studio

Aviator Betting Game Secrets: Unlock 97% RTP & Triple Your Wins

Windows Recall: What It Is, Why Hackers Will Love It, and How to Stay Safe

Star Trek Fleet Command Promo Codes: Redeem Codes for Free Shards, Blueprints And Resources

How To Use VLC Media Player to Trim Video Clips

What Is the $WinREAgent Folder and Can I Delete It?

Swear Your Way to Better Search Results

How to Get a Dark Start Menu and Taskbar in Windows 10 & 11

Enable, Disable, Manage, Delete or Create a System Restore Point

Defender Needs Upgrade Because of Flaw

Posted by: Timothy Weaver on 06/27/2017 04:36 PM [ Comments ]

If you rely on Microsoft Defender to protect your system, it's time to do an update.

Microsoft has issued an advisory and a patch for a flaw in its Malware Protection Engine after the flaw was found by a Google Project Zero bug hunter.

Affecting Windows 32- and 64-bit versions of Windows Server 2008, Windows 10, 8.1, and 7, the flaw was patched June 23rd.

Microsoft wrote: “To exploit this vulnerability, a specially crafted file must be scanned by an affected version of the Microsoft Malware Protection Engine.”

Hackers could exploit the flaw via website through a drive by attack, email, instant message or through a website that hosts user-provided content.

The problem doesn't kick in until the program begins to scan the system.

Microsoft wrote: “If the affected antimalware software has real-time protection turned on, the Microsoft Malware Protection Engine will scan files automatically, leading to exploitation of the vulnerability when the specially crafted file is scanned. If real-time scanning is not enabled, the attacker would need to wait until a scheduled scan occurs in order for the vulnerability to be exploited.”

Source: SCMagazine

Comments

comments powered by Disqus

© 2000-2025 MajorGeeks.com

Powered by Contentteller® Business Edition