Microsoft Scrambles to Patch Windows Defender Vulnerability

Microsoft Security Programs Compromised Due to Security Gap

New reports confirmed Microsoft’s security programs, including Windows Defender, are suffering from a major security vulnerability.  The security gap found is within the Microsoft Malware Protection Engine (MMPE), and if it goes unpatched, will allow hackers to do significant damage.  In order for the vulnerability to be exploited, hackers must do the following:

  • Identify a computer that has the vulnerability.
  • Get the user to download a special file on this device.  This may be done through instant messaging portals, email, injecting a JavaScript into a website, etc.
  • Once the user downloads the file, the hacker install malware, delete files, steal data within the system, etc.

So, this isn’t exactly a one trick pony.  There are a few hoops the hackers would need to jump through to get to their end goal.  However, it’s not impossible.

Hoops or not, the severity of the problem escalated significantly due to the role the MMPE plays within each Microsoft security program.  This particular malware engine is responsible for the scanning, detection, and cleaning component within several Microsoft anti-virus and anti-spyware programs, including:

  • Windows Defender
  • Microsoft Security Essentials
  • Microsoft Endpoint Protection
  • Windows Intune Endpoint Protection
  • Microsoft Forefront Endpoint Protection

Getting the Update

Microsoft has claimed the users of these programs do not need to do anything.  They have issued a patch for the security gap, which should automatically be applied.  Windows systems with the engine version 1.1.14700.5 or later are protected from the vulnerability.  If you would like, you may consumer versions may be verified by following the instructions below:

  • Windows 10: Type “Settings” into the search bar at the bottom of your screen.  Go to Update & Security, then select Windows Defender.
  • Windows 8: Tap on the Windows key to open the Start Menu. Type Windows Defender and select the result. Select “Help”, then click the “About” in the program window.
  • Windows 7: Open the Start Menu with a click. Type Windows Defender and load the result. Select “Help”, then click “About”.

If you are running a later version, you are encouraged to update.  All Windows Defender updates take place through your Windows Update feature.  Therefore, if you have those disabled, the updates have likely not taken place.  In order to manually update, you will want to tap the Windows key on your keyboard, then type “Windows Update” and click the “Enter” key.  From there you click on the “Check for Updates” button.  If updates are needed, follow the prompts.

**All users who are running a third-party security solution and have Windows Defender disabled are NOT impacted by this vulnerability.

 3,729 total views,  1 views today

(Visited 1 times, 1 visits today)

20 thoughts on “Microsoft Scrambles to Patch Windows Defender Vulnerability”

  1. James Sturtevant

    Since I disabled Defender, Microsoft Edge does not work and my pdf files will not open since they have the Edge symbol on them. How do I get my pdf files to open?

    1. Disabling Defender, should not adversely impact Edge. We would recommend you contact the Microsoft support team to determine what is going on and how to fix your browser. In the mean time, you may open any PDF through a free PDF reader/editor such as Adobe or DocHub.

  2. LifetimePCMaticCustomer

    My Windows Defender is an aggravation. Though the program itself is disabled due to our lifetime membership & subscription to PCMatic, it daily, even more often than that sends notices to appear on our computer screens that Defender is disabled and leave our computer vulnerable to malware. In lieu of this revelation, once again, we are sure glad (and my son continually tells me while matriculating in pre-med) we have PC-Matic and are not relying on Defender or any other mal-ware prevention, or alert system.

    Thank you again, PC-Matic.

    1. Windows Defender disables itself once a third-party antivirus solution is detected, whether it is PC Matic, or anything else.

        1. The platform is designed to automatically disable itself. However, to confirm this, users may go into Windows Defender Security Center to check the status of Windows Defender. If it remains enabled, you may disable it there. PC Matic does not encourage using multiple security programs at the same time, as there is a risk of each program interfering with the next.

      1. Skeeter Sanders

        @Kayla Elliott: True enough. I have AVG Internet Security as my PRIMARY and IObit Malware Fighter as my SECONDARY third-party security software suites on my laptop (I have both on each other’s whitelist so that they don’t interfere with each other).

        Although Windows Defender automatically turns itself off whenever you install third-party security software, you can still set Windows Defender to run “occasional” scans as a backup to your primary third-party security suite. I’ve done it.

        1. You’re correct, you may set it for an occasional scan; however, the user would have to manually go in and set that up. Meaning, it is not a default setting.
          Thank you for your insight Skeeter!

  3. If we have PC Magic and PC Magnum on our PC do we have to do windows Defender activated and do all the above steps! And I too have had my PC Matic and all other installed programs removed including my Microsoft Office. Couldn’t start up my computer afterwards without resetting it back to it’s original state at time of purchase. Was very frustrating!

    1. Windows Defender will automatically disable itself when it recognizes another antivirus. So, you should not have to be concerned with this vulnerability.

  4. Janet Truelock

    How do I keep Microsoft from taking off my PC Matic Super Shield? It does it periodically and I have a hard time trying to get the Super Shield back on.

    1. Are you using any of the programs outlined in the article that are impacted? If so, you will need to check the version of the program you are using, by following the instructions in the post. Compare that version to the version listed in the article, and you will know if you are protected. If you’re running an older version, there are instructions on how to update the program within the content of the post as well.

Leave a Comment

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.