I’m in front of the boob tube last night and I get this email entitled “Microsoft Security Update Releases” (full email posted below).
CVE-2018-0986 | Microsoft Malware Protection Engine Remote Code Execution Vulnerability
The gist of the alert is that all versions of Windows Defender have a vulnerability.
If Windows Defender scans an infected file then a hacker could own your system.
Rephrased…
If the product that is supposed to protect your system just SCANS a bad file you could be OWNED.
Fortunately this has been patched. Windows Defender should update automatically but you can force an update.
Press the Windows + R keys > copy and paste the following: "%ProgramFiles%\Windows Defender\MSASCui.exe" -Update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
********************************************************************
Title: Microsoft Security Update Releases
Issued: April 3, 2018
********************************************************************
Summary
=======
The following CVE has been released on April 3, 2018:
* CVE-2018-0986
Revision Information:
=====================
- Title: Microsoft Malware Protection Engine Remote Code Execution Vulnerability
- URL: https://portal.msrc.microsoft.com/en-us/security-guidance
- Version: 1.0
- Reason for Revision: Information published.
- Originally posted: April 3, 2018
- Updated: N/A
- Aggregate CVE Severity Rating: Critical
Other Information
=================
That’s interesting. Only last week I disabled Windows Defender in Local Group Policy (I have other security layers).
I’m glad I disabled it after reading this!