Security News > 2021 > January > Microsoft Issues Patches for Defender Zero-Day and 82 Other Windows Flaws

For the first patch Tuesday of 2021, Microsoft released security updates addressing a total of 83 flaws spanning as many as 11 products and services, including an actively exploited zero-day vulnerability.

The most severe of the issues is a remote code execution flaw in Microsoft Defender that could allow attackers to infect targeted systems with arbitrary code.

Microsoft Malware Protection Engine provides the scanning, detection, and cleaning capabilities for Microsoft Defender antivirus and antispyware software.

Tuesday's patch also rectifies a privilege escalation flaw introduced by a previous patch in the GDI Print / Print Spooler API that was disclosed by Google Project Zero last month after Microsoft failed to rectify it within 90 days of responsible disclosure on September 24.

Other vulnerabilities fixed by Microsoft include a memory corruption flaws in Microsoft Edge browser, a Windows Remote Desktop Protocol Core Security feature bypass flaw, and five critical RCE flaws in Remote Procedure Call Runtime.

To install the latest security updates, Windows users can head to Start > Settings > Update & Security > Windows Update, or by selecting Check for Windows updates.

News URL

http://feedproxy.google.com/~r/TheHackersNews/~3/eEiTp6rST00/microsoft-issues-patches-for-defender.html