Malware attacks rarely have a bright side, but it appears that Microsoft moved very quickly to squash a dangerous hack directed against Windows Defender, the operating system’s built-in security software. Chances are good that if you’re running Windows 10, Microsoft has already patched your computer through its automated updated process.
You can easily find out by checking “Windows Defender Settings.” (Simply type that phrase into Cortana and you’ll see the right page to click on.) Take a look at the engine version: If it is 1.1.13704.0 or higher that means you've been patched. If you’re running an older version of Windows, it probably has not been patched and you’d better run an anti-virus scan immediately.
I know that some security companies and some writers tend to go overboard when a new hack is discovered, but this one was quite serious and rather creepy. It’s creepy because it attacks a computer through the very software intended to protect it.
Unlike a typical piece of malware, this one can get into your machine even if you don’t click on a poisoned link or open a tainted email. If an attacker sends you an email or instant message that is then scanned by Windows Defender, the malware is activated and can be used to take over your PC. It can even become a so-called worm, which means it can spread from one PC to another via a network or the Internet.
The attack was discovered on Friday by researchers at Google who tweeted that this was "the worst Windows remote code exec in recent memory. This is crazy bad." Although it can take quite some time to develop a patch, Microsoft moved very quickly and released a fix Monday night. The security bulletin issued by Microsoft said that its team has not seen any public attacks based on the hack.
I know many computer users resent having to upgrade to a new versions of Windows, but you need to understand that Microsoft no longer issues security patches for Windows 7 or Windows 8, let alone Vista or XP. That may seem like a way to bully users into upgrading, but it is worth noting that the company let users upgrade from Windows 7 for about a year at no charge.
Unfair or not, that’s Microsoft’s policy. Since the potential consequences of having an unprotected machine are quite serious, it’s worth gritting your teeth and upgrading your system.
Next read this:
- 15 IT resolutions for 2019
- The 9 new rules of IT leadership
- 20 ways to kill your IT career (without knowing it)
- IT manager’s survival guide: 11 ways to thrive in the years ahead
- 7 key IT investments for 2019 (and 3 going cold)
- 10 signs top talent may soon leave
- 11 red flags to watch for when hiring
- 7 things IT should be automating
- 8 digital transformation mistakes (and how to fix them)
- 8 IT cost cutting mistakes you need to avoid
- Why IT-business alignment still fails
- CIO resumes: 6 best practices and 4 strong examples
- 4 KPIs IT should ditch (and what to measure instead)
- 6 practices of influential IT leaders