Microsoft announced the fix for ten vulnerabilities in its latest security patch, including a critical flaw in Microsoft Defender, the anti-malware tool included in the company’s systems. According to specialists, successful exploitation of the flaw would have allowed threat actors to inject compromised systems with malicious code.
Experts believe the flaw, tracked as CVE-2021-1647, could have been actively exploited in recent months as part of the massive campaign against SolarWinds implementations. Affected versions of Microsoft Defender (from 1.1.17600.5 to 1.1.17700.4) run on Windows 10, Windows 7, and Windows Server systems, so the scope of potential exploitation is considerable.
In its report, the company highlights the seriousness of this flaw: “It is possible that the vulnerability in Microsoft’s antimalware engine has already been fixed on most systems, as the engine is updated automatically. However, you will need to manually update if your systems are not connected to the Internet.”
A second flaw, tracked as CVE-2021-1648, would also have been exploited in the wild. This is a privilege escalation error affecting Windows SPLWOW64.exe reported by the Zero Day Initiative (ZDI).
The company also patched eight additional flaws, also considered critical. These vulnerabilities include a remote code execution error in Microsoft Edge, apparently related to the way the browser accesses objects in memory. The flaw was tracked as CVE-2021-1705.
Other flaws lie in the Windows Graphics Device Interface (CVE-2021-1665), HEVC Video Extensions (CVE-2020-1643), and the Microsoft DTV-DVD Video Decoder (CVE-2020-1668). Updates are now available, so users are encouraged to deploy them as soon as possible.
At Microsoft, they know that the risks arising from the incident in SolarWinds remain active, so the best security measures need to be taken: “Either by correcting reported zero-day vulnerabilities, or by implementing better security protocols today more than ever, a proactive stance on security threats is needed,” concludes the report.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.