Microsoft's very own virus detector: Windows Defender has had been faced with some serious bugs recently. The insight came directly from Google's Project Zero. The organization has been involved in multiple operations recently with the focus to extract more software bugs, disruptions and attackers' activities, And they are simultaneously dedicated to bringing better measures to turn down such horrific deeds & providing trustworthy solutions to safeguard users. Microsoft just brought a potential fix to the issue discovered by Project Zero researchers Tavis Ormandy and Natalie Silvanovich, which they regarded as "the worst Windows remote code exec in recent memory."
According to ARS Technica, Ormandy also addressed it as "wormable" which can enter a user's machine without his knowledge, replicate its harmful activities on the PC and thereby spread over other computers as well through LAN. The researchers claimed that the issue actually has its roots in Microsoft's antimalware protection engine boasted on Windows Defender.
The engine is expected to scan all the files thoroughly, look for malware in them and thereby cast powerful protective shields on them. But during these tasks, it could be spelt, tricked to execute codes derived by third parties through an email, onto a web page or even via instant texts. And by these methods, attackers can fool Windows Defender and take over another's machines pretty easily. Engadget reported that after just three days of the discovery of such dangerous bug, Microsoft became serious and brought a potential action to resolve it fully.
Microsoft Security Response Center alongside the official developers of Windows Defender released the solution to this specific issue with the latest Windows Update which is now available for Windows 7, 8.1, RT, 10 and more advanced developers editions. The update is expected to show up to each and every registered Windows OS users within several days. For early upgrading of the same, users can click on the update button manually on their Windows Defender tab. They must check and confirm that there is an existing engine listed with version 1.1.13704.0 or even higher than that