Online security experts have commended Microsoft security team for repairing a windows defender loophole. Internet hackers could have used this to infect and take over computer systems. Tavis Ormandy and Natalie Silvanovich, researchers with Google Project Zero discovered the bug within Microsoft’s Windows Defender.
The Google Project Zero researchers discovered the antivirus bug last weekend. Microsoft team responded almost immediately to the alert and pushed out a fixed update by Tuesday, the BBC wrote. Users with Windows computers should update their Windows Defender anti-malware to the latest software version (1.1.13704.0). It is now available for automatic download.
Hackers would have been able to take over private and network computers by sending out just a single infected email. Good thing Google’s Project Zero team discovered the security flaw and Microsoft responded to fix it immediately,
Users do not need to click or open the infected email to be affected by the hack. Hackers could as well have been able to access computers through IMs and clicks on web browser links. As soon as the infected email is sent out, Windows Defender in its natural task would only have to scan the bad email to trigger its attack – since many anti-malware software provide real-time protection.
According to Microsoft, computer systems running Windows 8, 8.1 and 10 operating systems are affected by the Windows Defender flaw. Those running Windows Server OS are also affected by the bug.
According to Graham Cluley, a cyber-security expert, the bug meant that hackers could plant a malicious code into your computer without your knowing at all in order to hijack your computer for heinous purposes. He however berated the Project Zero team for the manner in which the vulnerability had been announced, saying the protocol included information that hackers could have taken advantage of.