Consumer Reports has no relationship with any advertisers on this website.
A few days after security researchers discovered a massive flaw in Microsoft's malware protection engine Windows Defender, which is used in almost every recent version of Windows, the company has issued a fix that it believes will keep attackers out. Users should make sure they have the update installed on their machines (instructions below).
Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich discovered the potential mode of attack, or exploit. Dubbed CVE-2017-0290, it lets an attacker remotely access any system without any interaction from the user, according to a report in Ars Technica.
All the hacker has to do is send an email or instant message that is scanned by Windows Defender—you don't have to open it or click anything. Anything else that's scanned automatically by Windows Defender—like a website—could also be used by attackers.
Ormandy said on Friday that the bug could be "the worst Windows remote code exec in recent memory. This is crazy bad."
For Windows XP, Server 2003, Vista, Server 2008, 7, and Server 2008 R2
- Click "Help," and then "About Windows Defender"
- The Engine Version number should pop up, and the update was successfully installed if the Malware Protection Engine version number or if the signature package version number matches or exceeds 1.1.13704.0.
For Windows 8
- Press the Windows key to open the Start screen, and then type "Windows Defender," and click on the resulting icon
- Click the "Update" tab
- Click "Help," then "About"
- The Engine Version number should appear. You want at least version 1.1.9506.0.
For Windows 10
- Type "Windows Defender" in the Cortana search box, then hit enter
- Click "Settings" in the upper right corner, and scroll down to "Version info" see your Engine Version number. You should see 1.1.13704.0 or above.
Copyright © 2005-2017 Consumers Union of U.S., Inc. No reproduction, in whole or in part, without written permission. Consumer Reports has no relationship with any advertisers on this site.