Microsoft fixes Defender zero-day in January 2021 Patch Tuesday – ZDNet


Earlier today, Microsoft started rolling out its monthly set of security patches, known in the industry as Patch Tuesday.

In this month’s updates, the Redmond-based company has patched a total of 83 vulnerabilities across a wide range of products, including its Windows operating system, cloud-based products, developer tools, and enterprise servers.

Microsoft Defender zero-day

But of all the bugs patched today, the most important one is a zero-day vulnerability in the Microsoft Defender antivirus, which Microsoft said was exploited before today’s patches were released.

Tracked as CVE-2021-1647, the vulnerability was described as a remote code execution (RCE) bug that allowed threat actors to execute code on vulnerable devices by tricking a user into opening a malicious document on a system where Defender is installed.

Microsoft said that despite exploitation being detected in the wild, the technique is not functional in all situations, and is still considered to be at a proof-of-concept level. However, the code could evolve for more reliable attacks.

To counteract future attacks, Microsoft has released patches for the Microsoft Malware Protection Engine, which won’t require any user interaction and will be installed automatically — unless specifically blocked by system administrators.

Microsoft also fixes publicly disclosed Windows EoP bug

In addition to the Defender zero-day, Microsoft has also fixed a security flaw in the Windows splwow64 service that could be abused to elevate the privileges of an attacker’s