Skip to main content

Microsoft issues 83 patches, one for actively exploited vulnerability

Every second Tuesday of the month it's 'Patch Tuesday'. On Patch Tuesday Microsoft habitually issues a lot of patches for bugs and vulnerabilities in its software.

It's always important to patch, but the update that was released on January 12 is one to pay attention to. That's because it contains a patch for a vulnerability in Windows Defender that is already being exploited in the wild.

The vulnerability in Windows Defender

Publicly disclosed computer security flaws are listed in the Common Vulnerabilities and Exposures (CVE) list—a dictionary that provides definitions for publicly disclosed cybersecurity vulnerabilities and exposures. The goal of CVE is to make it easier to share data across separate vulnerability capabilities (tools, databases, and services).

The vulnerability in Windows Defender was registered as CVE-2021-1647—a Remote Code Execution (RCE) vulnerability—and was found in the Malware Protection Engine component (mpengine.dll). According to Microsoft:

"While this issue is labeled as an elevation of privilege, it can also be exploited to disclose information. The type of information that could be disclosed if an attacker successfully exploited this vulnerability is uninitialized memory."

I don't see an update for this vulnerability

If you are missing this fix in your list, it's possible that this bug has already been patched by Microsoft on end-user systems, as the company continuously updates Defender outside of the normal monthly patch cycle. But you may want to check whether you are using a patched version.

What version of Windows Defender am I using?

The first patched version is 1.1.17700.4. If you want to make sure that you have a patched version of Windows Defender, here is how you can check this on a Windows 10 computer:

  • From the Windows Start Menu, search for Windows Security and click on the result that has the App text and the "white on blue" shield.
  • When Windows Security opens, click on the gear box icon with the Settings text at the bottom left of the Window.
  • When the Settings screen opens, click on the About link.
  • The Windows Security About page will now be open and will show the Antimalware Client Version (Microsoft Defender version), the Engine version (Scanning Engine), the Antivirus version (Virus definitions), and the Antispyware version (Spyware definitions).
  • The engine version is the one that matters here. It needs to be at 1.1.17700.4 or newer.
Finding the Windows Defender version

The rest of the Microsoft updates

The total package contained over 80 patches. Ten of them were classified as critical, which means that they could possibly be used in the future by cybercriminals to attack unpatched systems. And even the ones that are not rated as critical could put you at risk at some point. It's always important to apply all the patches as soon as you possibly can, especially when it concerns your operating system. So, please do go install these patches as soon as possible.

Stay safe, everyone!

The post Microsoft issues 83 patches, one for actively exploited vulnerability appeared first on Malwarebytes Labs.



from Malwarebytes Labs full article here

Popular posts from this blog

Mobile Security Framework (MobSF) - An All-In-One Mobile Application Security Assessment Framework

Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis. MobSF support mobile app binaries (APK, IPA & APPX) along with zipped source code and provides REST APIs for seamless integration with your CI/CD or DevSecOps pipeline.The Dynamic Analyzer helps you to perform runtime security assessment and interactive instrumented testing. Screenshots: Static Analysis - Android Static Analysis - iOS Dynamic Analysis - Android APK Web API Viewer Requirements: Mac: Install Git Install Python 3.6 - 3.7 (3.8 is not supported) macOS Catalina users must uninstall existing python3 and install the one from Python.org . After installation, go to /Applications/Python 3.7/ and run Install Certificates.command and Update Shell Profile.command Install JDK 8+ ...
Read more

BlackArch Linux - Penetration Testing Distribution

BlackArch Linux is an Arch Linux-based penetration testing distribution for penetration testers and security researchers. It contains over 1800 security and hacking tools. Here is the complete list of tools in the BlackArch Linux: 0d1n : Web security tool to make fuzzing at HTTP inputs, made in C with libCurl. 0trace :  A hop enumeration tool. 3proxy : Tiny free proxy server. 3proxy-win32 : Tiny free proxy server. 42zip : Recursive Zip archive bomb. a2sv : Auto Scanning to SSL Vulnerability. abcd : ActionScript ByteCode Disassembler. acccheck : A password dictionary attack tool that targets windows authentication via the SMB protocol. ace : Automated Corporate Enumerator. A simple yet powerful VoIP Corporate Directory enumeration tool that mimics the behavior of an IP Phone in order to download the name and extension entries that a given phone can display on its screen interface ad-ldap-enum : A LDAP based Active Directory user and grou...
Read more

How a VPN can protect your online privacy

Have you ever experienced the feeling of relief that comes when you do something silly, but you're glad you did it where people don't know you? Or maybe you wished you were somewhere like that, but alas… That is what a Virtual Private Network ( VPN ) can do for you: it can put you in a place where you are unknown. To determine if and when you need a VPN, you must define what your goal is. If your main goal is to improve your privacy online, then a VPN is one of the possible solutions. Privacy is a right that is yours to value and defend. If you don't fall into the categories of people who say "I have nothing to hide" or "they already know everything about me" then you may care enough about your privacy to use a VPN. For the latest Malwarebytes Labs reader survey we asked "Do you use a VPN?" 2,330 responded and an impressive 36 percent said they now used a VPN. For perspective, ten years ago, only 1.5 percent of Americans used VPNs. So...
Read more