[Solved] "Crazy bad" vulnerability in Windows discovered by Google - here's the fix

Discussion in 'Windows 10' started by pf100, May 9, 2017.

  1. pf100

    pf100 MDL Addicted

    #1 pf100, May 9, 2017
    Last edited: May 9, 2017
  2. MrMagic

    MrMagic MDL Guru

    So disabling defender actually secured your Windows machine more than having it enabled :D
     
  3. Hadron-Curious

    Hadron-Curious MDL Guru

    #3 Hadron-Curious, May 9, 2017
    Last edited: May 9, 2017
    I always make sure my Windows Defender is up to date. Do we know if this thing is not affecting other anti-virus / malware security tools? It seems to be triggered by scanning the system which other security tools do as well.
     
  4. Gharlane00

    Gharlane00 MDL Addicted

    #4 Gharlane00, May 9, 2017
    Last edited: May 9, 2017
    The affected engine is what is in the current insider build.

    Edit: Windows update does install a higher and presumably "safe" engine as of today.
     
  5. Shayne

    Shayne MDL Addicted

    Is v1.1.13704.0 not an engine update? You note that the definitions should be updated; however, they do not follow that version numbering and are of 1.123.xx.x numbering scheme. The engine versions do follow the numbering system you note.

    Regards
     
  6. NsaFarm

    NsaFarm MDL Junior Member

    Yay, I removed defender from all my systems.
     
  7. @muja@

    @muja@ MDL Novice

    How do you do that mats?
     
  8. pf100

    pf100 MDL Addicted

    You're right. OP edited to fix the error.
     
  9. pf100

    pf100 MDL Addicted

    The researchers are saying it's just a Windows Defender problem and, per the article, Microsoft is stating that by updating Defender's protection engine to v1.1.13704.0 the vulnerability is patched.
     
  10. Enthousiast

    Enthousiast MDL Tester

    Shouldn't that be fixed either by a CU or a separate WU update?
     
  11. pf100

    pf100 MDL Addicted

    It's an update Microsoft just pushed out in the last 12 hours through Windows Update to fix the vulnerability. The problem exists in any version, including CU.
     
  12. Enthousiast

    Enthousiast MDL Tester

  13. TairikuOkami

    TairikuOkami MDL Addicted

    Not sure about that, even with WD disabled, that service is still running and actually without using/updating WD, it might be vulnerable "forever".
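
An added example, not part of any post in this thread: a fleet check against the fixed engine version quoted above (v1.1.13704.0) that also flags hosts where Defender is disabled but the installed engine is still below the fix. It assumes a CSV export whose columns are named after `Get-MpComputerStatus` properties; the host names and values are constructed.

```python
import csv
import io

# Engine version the thread cites as carrying the fix.
FIXED_ENGINE = (1, 1, 13704, 0)

# Constructed sample export, one row per host. The definition (signature)
# version uses its own numbering and plays no part in the check.
SAMPLE_CSV = """Host,AMEngineVersion,AntivirusSignatureVersion,AntivirusEnabled
ws-01,1.1.13704.0,1.243.10.0,True
ws-02,1.1.13701.0,1.243.10.0,True
ws-03,1.1.13601.0,1.241.5.0,False
ws-04,,,False
srv-01,1.1.13800.2,1.243.12.0,True
"""

def parse_version(text):
    """Return a 4-part version as a tuple of ints, or None if absent/malformed."""
    parts = (text or "").strip().split(".")
    if len(parts) != 4 or not all(p.isdecimal() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(row):
    """Label one host by its engine version, not its definition version."""
    engine = parse_version(row.get("AMEngineVersion"))
    enabled = (row.get("AntivirusEnabled") or "").strip().lower() == "true"
    if engine is None:
        return "unknown"          # no engine reported: needs a manual look
    if engine >= FIXED_ENGINE:    # numeric compare, so 13704 > 9999
        return "patched"
    # Disabled hosts are reported separately rather than treated as safe.
    return "below-fix" if enabled else "below-fix-disabled"

def audit(csv_text):
    """Map each host name in the export to its classification."""
    reader = csv.DictReader(io.StringIO(csv_text))
    return {row["Host"]: classify(row) for row in reader}

if __name__ == "__main__":
    for host, status in audit(SAMPLE_CSV).items():
        print(f"{host}: {status}")
```
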
     
  14. QS2k15

    QS2k15 MDL Novice

    While I use Win Defender on a few computers at home I use for non-critical duty, most of the AV comparing sites have always made me rely on a third party solution for critical duty. For the rig I browse on, read emails on, and make online purchases on, I figured it was worthwhile to splurge on a top 3; hasn't failed me yet. But then again I run a second opinion scanner too so ya... lol
     
  15. WaltC

    WaltC MDL Addicted

  16. WaltC

    WaltC MDL Addicted

    No, of course not, because by turning Defender off you then open up your system to every other malware or virus on Earth besides *this* vulnerability...;) As with most security patches no actual exploits have been reported, AFAIK, and the patch fixed the vulnerability first.
     
  17. MrMagic

    MrMagic MDL Guru

    I highly doubt one of the worst AVs in history, Defender, was blocking "Every other malware or virus on Earth" in the first place lol

    Plus, I run NOD32, so in fact if Defender was running (I know it would disable with 3rd party AVs), it would have made my machine more vulnerable than it is with it disabled
     
  18. Full inu

    Full inu MDL Senior Member

    This issue was patched by downloading regular WD definition updates.
    Same was with MSE on my W7 machine.
     
  19. maddogster

    maddogster MDL Member

    #20 maddogster, May 10, 2017
    Last edited: May 10, 2017
    yeah all security software flawed at one point or another, so glad to see easy fix pushed unlike those painful McAfee/Symantec disasters causing corp imaged PCs to be reinstalled from past botched AV signature and firewall updates years ago :)