Microsoft Defender Zero-Day Fixed in First Patch Tuesday of 2021

Dark Reading -

Microsoft has released patches for 83 vulnerabilities on its first Patch Tuesday of 2021, which addresses 10 critical flaws, including one zero-day remote code execution bug in Microsoft Defender. 

The fixes released today cover Microsoft Windows, the Edge browser, ChakraCore, Office and Microsoft Office Services and Web Apps, Microsoft Malware Protection Engine, Visual Studio, ASP .NET, .NET Core, and Azure. Of these, 73 are classified Important; one is publicly known.

While 83 CVEs (common vulnerabilities and exposures) is much lower than the record monthly patch numbers Microsoft reported last year, it’s 59% higher than the 49 patched in January 2020. “If that’s any indication, it means 2021 will be another banner year for Patch Tuesday vulnerability disclosures,” says Satnam Narang, staff research engineer at Tenable.

CVE-2021-1647 is the critical bug in Microsoft’s Malware Protection Engine already seen in the wild. Microsoft does not elaborate on these attacks or how widespread they

The post Microsoft Defender Zero-Day Fixed in First Patch Tuesday of 2021 first appeared on Dark Reading.

Read More.....