Print Print    Close Close

Is Your PC Safe From a Massive Windows Defender Flaw?

By ,

Published May 22, 2017

Consumer Reports

Consumer Reports has no relationship with any advertisers on this website.

A few days after security researchers discovered a massive flaw in Microsoft's malware protection engine Windows Defender, which is used in almost every recent version of Windows, the company has issued a fix that it believes will keep attackers out. Users should make sure they have the update installed on their machines (instructions below).

Google Project Zero researchers Tavis Ormandy and Natalie Silvanovich discovered the potential mode of attack, or exploit. Dubbed CVE-2017-0290, it lets an attacker remotely access any system without any interaction from the user, according to a report in Ars Technica.

All the hacker has to do is send an email or instant message that is scanned by Windows Defender—you don't have to open it or click anything. Anything else that's scanned automatically by Windows Defender—like a website—could also be used by attackers.

More From Consumer Reports

  • Top pick tires for 2016
  • Best used cars for $25,000 and less
  • 7 best mattresses for couples
  • Best matching washers and dryers
  • Top 10 car picks for 2016

Ormandy said on Friday that the bug could be "the worst Windows remote code exec in recent memory. This is crazy bad."

For Windows XP, Server 2003, Vista, Server 2008, 7, and Server 2008 R2

  • Click "Help," and then "About Windows Defender"
  • The Engine Version number should pop up, and the update was successfully installed if the Malware Protection Engine version number or if the signature package version number matches or exceeds 1.1.13704.0.

For Windows 8

  • Press the Windows key to open the Start screen, and then type "Windows Defender," and click on the resulting icon
  • Click the "Update" tab
  • Click "Help," then "About"
  • The Engine Version number should appear. You want at least version 1.1.9506.0.

For Windows 10

  • Type "Windows Defender" in the Cortana search box, then hit enter
  • Click "Settings" in the upper right corner, and scroll down to "Version info" see your Engine Version number. You should see 1.1.13704.0 or above.

Copyright © 2005-2017 Consumers Union of U.S., Inc. No reproduction, in whole or in part, without written permission. Consumer Reports has no relationship with any advertisers on this site.

Print Print    Close Close

URL

https://www.foxnews.com/tech/is-your-pc-safe-from-a-massive-windows-defender-flaw

  • Home
  • Video
  • Politics
  • U.S.
  • Opinion
  • Entertainment
  • Tech
  • Science
  • Health
  • Travel
  • Lifestyle
  • World
  • Sports
  • Weather
  • Privacy
  • Terms

This material may not be published, broadcast, rewritten, or redistributed. © FOX News Network, LLC. All rights reserved. Quotes displayed in real-time or delayed by at least 15 minutes. Market data provided by Factset. Powered and implemented by FactSet Digital Solutions. Legal Statement. Mutual Fund and ETF data provided by Refinitiv Lipper.Do Not Sell my Personal Information - New Terms of Use - FAQ