Microsoft pushes update for serious Windows flaw

James Delahunty
10 May 2017 12:20

Microsoft has quickly patched an unmasked security vulnerability in its software that potentially allowed attackers to hijack a PC.
The remarkable thing about this particular flaw is its association with Microsoft's anti-malware tool, Windows Defender. An attacker could target a victim with a malicious e-mail, an instant message or a crafted link.

According to reports, the victim wouldn't even have had to open an e-mail as the exploit would be triggered once the anti-malware tool scanned it.
The bug in question affected Windows 8, 8.1 and Windows 10, and was patched by an out-of-cycle update released by Microsoft in advance of the so-called "Patch Tuesday" round-up.

Researchers at Google's ProjectZero discovered the flaw at the weekend and expressed delight at Microsoft's speedy response.

Still blown away at how quickly @msftsecurity responded to protect users, can't give enough kudos. Amazing.

-- Tavis Ormandy (@taviso) 9 May 2017



Read More: BBC News

More from us
Tags
Windows Microsoft Windows Defender
We use cookies to improve our service.