Microsoft Defender Zero-Day Remote Code Execution (RCE) Vulnerability

By Fortra's Digital Defense

On Tuesday, January 12th, Microsoft released a patch for an RCE vulnerability in its antivirus solutions: Windows Defender, System Center Endpoint Protection, and Security Essentials. The vulnerability is tracked as CVE-2021-1647. Although no exploit has been publicly released, the vulnerability is being actively exploited in the wild. Exploitation requires no user interaction, and requires either low-level credentials or none at all. Please ensure that your Microsoft Malware Protection Engine software is at version 1.1.17700.4 or later. These updates often occur automatically; if manual updating is required, please see https://support.microsoft.com/en-us/help/2510781/microsoft-malware-protection-engine-deployment-information.
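One way to verify the engine version above on a Windows host, as an added example that is not part of the original advisory: it reads `AMEngineVersion` from `Get-MpComputerStatus` and compares it with 1.1.17700.4. The function names and the sample version strings are constructed for illustration.

```powershell
# Added example (not from the advisory). 1.1.17700.4 is the fixed engine
# version named in the advisory; the function names are hypothetical.
$FixedEngine = [version]'1.1.17700.4'

function Test-MpEnginePatched {
    param([string]$EngineVersion, [version]$Minimum = $FixedEngine)
    $parsed = $null
    # Compare as [version], not as text: compared as strings, '1.1.9999.0'
    # sorts after '1.1.17700.4' and would wrongly pass.
    if (-not [version]::TryParse($EngineVersion, [ref]$parsed)) { return $null }
    # Assumption: an all-zero version means the engine is not reporting
    # (for example, Defender is disabled), so the result is unknown.
    if ($parsed -eq [version]'0.0.0.0') { return $null }
    return ($parsed -ge $Minimum)
}

function Get-MpEngineReport {
    try {
        $status = Get-MpComputerStatus -ErrorAction Stop
        $engine = [string]$status.AMEngineVersion
    } catch {
        # Defender cmdlets are unavailable or the service is not running.
        $engine = $null
    }
    [pscustomobject]@{
        Computer      = $env:COMPUTERNAME
        EngineVersion = $engine
        Patched       = if ($engine) { Test-MpEnginePatched $engine } else { $null }
    }
}

# Constructed sample versions that exercise the comparison offline.
foreach ($v in '1.1.17600.5', '1.1.17700.4', '1.1.9999.0', '1.1.17800.5', '0.0.0.0', 'n/a') {
    '{0,-12} patched={1}' -f $v, (Test-MpEnginePatched $v)
}

# Live check on this host.
Get-MpEngineReport | Format-List
```

An empty `Patched` value means the version could not be determined and the host needs a manual look.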

Frontline.Cloud is releasing the authenticated check MS21-JAN: Microsoft Windows Security Update (143778) with release 3.0.68.0, expected on January 15th, 2021.
