Skip to ContentSkip to Footer
News

Microsoft fixes actively exploited Defender zero-day flaw

The firm's latest Patch Tuesday release includes fixes for a total of 83 vulnerabilities across Windows, Azure and more

by: Bobby Hellard
13 Jan 2021
A Windows update ready to be installed on a laptop

Microsoft has released a fix for the zero-day remote access exploit recently uncovered in its Defender antivirus service.

The fix arrives in the company's monthly set of security patches, known as 'Patch Tuesday', which included patches for a total of 83 vulnerabilities across a wide range of products, including Windows, Azure and other Microsoft services. 

The zero-day exploit is tracked as CVE-2021-1647 and is described as a remote code execution (RCE) bug that allows threat actors to embed code on vulnerable devices by tricking users into opening a loaded document on a system with Microsoft Defender installed. 

Microsoft said that despite exploitation being detected in the wild, the technique was not functional in all situations, suggesting that it is still at a 'proof-of-concept' stage. However, the company warned that the code could evolve into more reliable attacks. 

To protect against any future attacks,  Microsoft has released patches for the Microsoft Malware Protection Engine, which will be installed automatically unless blocked by system administrators.

Alongside the Defender zero-day bug, the tech giant has also released a patch for a flaw in the Windows splwow64 service. This was tracked as CVE-2021-1648 and could be used to elevate the privileges of attack codes. This hasn't been exploited in the wild, according to Microsoft, but system admins have been advised to apply the patches to avoid any future problems. 

Microsoft is not the only firm starting 2021 with patches, as Adobe has released its first major batch of security fixes. On Tuesday, the software firm released a number of security advisories for vulnerabilities in seven different products: Photoshop, Illustrator, Animate, Bridge, InCopy, Captivate and Campaign Classic.

The first of these fixes have already been applied to the Photoshop image creation software on Windows and macOS-based machines. It is tracked as CVE-2021-21006 and can be used to trigger arbitrary code execution.

Featured Resources

Unlocking collaboration: Making software work better together

How to improve collaboration and agility with the right tech

Download now

Four steps to field service excellence

How to thrive in the experience economy

Download now

Six things a developer should know about Postgres

Why enterprises are choosing PostgreSQL

Download now

The path to CX excellence for B2B services

The four stages to thrive in the experience economy

Download now

Recommended

Russia launched over a million cyber attacks in three months
hacking

Russia launched over a million cyber attacks in three months

13 Apr 2021
New DNS vulnerabilities put millions of IoT devices at risk
Internet of Things (IoT)

New DNS vulnerabilities put millions of IoT devices at risk

13 Apr 2021
Cloud storage: How secure are Dropbox, OneDrive, Google Drive, and iCloud?
cloud security

Cloud storage: How secure are Dropbox, OneDrive, Google Drive, and iCloud?

13 Apr 2021
5G will accelerate cyber crime, predicts former White House CIO
5G

5G will accelerate cyber crime, predicts former White House CIO

13 Apr 2021

Most Popular

Microsoft is submerging servers in boiling liquid to prevent Teams outages
data centres

Microsoft is submerging servers in boiling liquid to prevent Teams outages

7 Apr 2021
How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

8 Apr 2021
Hackers are using fake messages to break into WhatsApp accounts
instant messaging (IM)

Hackers are using fake messages to break into WhatsApp accounts

8 Apr 2021
Skip to HeaderSkip to Content