Windows Defender Vulnerabilities
Microsoft has identified and patched two vulnerabilities in Windows Defender, the built-in malware protection system in Windows, which could have been exploited for denial-of-service attacks.
Technical Details
The vulnerabilities affected the Malware Protection Engine, responsible for scanning and processing potentially malicious files. If successfully exploited, an attacker could disrupt the stable operation of the security mechanism, potentially leading to security breaches.
Patches and Updates
Microsoft has released patches, which are available through automatic updates. Specifically, versions Malware Protection Engine 1.1.26040.8 and 4.18.26040.7 address the identified issues. Microsoft notes that users with automatic updates enabled for Windows Defender should have received the patch without additional action.
Security Recommendations
Users are advised to verify the relevance of their protection manually through Windows Security settings. To check for updates, navigate to Virus and threat protection, select Protection updates, and run the update check. Users can also view the antivirus engine version in the About section and ensure that the latest version numbers are installed.
Industry Impact
According to experts, no confirmed cases of widespread exploitation of the vulnerabilities have been reported. Microsoft emphasizes that timely system updates remain a key way to protect against such threats.