Microsoft Patches Critical RCE Bug in Windows Defender

By Marcos Colon

Computing giant Microsoft has once again patched a critical vulnerability in its Windows antivirus tool.

On Friday, the company addressed a remote code execution vulnerability in Windows Defender which could have been exploited without any user interaction, according to a report by CSO Online.

Discovered by Google Project Zero's Tavis Ormandy on June 7, the flaw was not being exploited at the time. He went public with his technical report on the flaw on June 23, after Microsoft released a patch to fix it. Before sending it off to Microsoft, Ormandy encrypted the proof-of-concept demo file to prevent crashing Microsoft's email servers.

"Note that as soon as the testcase.txt file touches disk, it will immediately crash the MsMPEng service on Windows, which may destabilize your system," Ormandy. "The testcases have been encrypted to prevent crashing your exchange server."

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.