10 critical gaps - Patch now!
Microsoft announced over 80 security patches earlier this year for the following apps and services: ASP, NET, Azure, ChakraCore, Edge, Microsoft Defender, Office, Visual Studio and Windows. 10 gaps are classified as critical, the rest as important. In plain language, this means that you need to act now in any case.
Critical gaps: Patch now
Attackers are currently exploiting a critical vulnerability in Microsoft Defender antivirus. This is the malicious code vulnerability CVE-2021-1647. The current extent is still unknown. All that is known is that the flaw is in the malware protection engine. According to Microsoft, version 1.1.17700.4 has already been fixed. The security update installs automatically. Microsoft does not comment on a possible attack scenario. The warning only states that the attacks are possible locally and with low user rights. However, since the attacks are only possible with little effort, the critical classification was made.
Important gaps: Patch likewise
The CVE-2021-1648 vulnerability in Windows is classified as important. Attacks could be imminent here. A previous patch has led to this gap. A memory error is triggered by checking strings. It is possible here for attackers to gain higher user rights and penetrate the system. It is important that users of Windows and other Microsoft software quickly ensure that Windows Update is active, downloads security patches and installs them. By default, the process is automatic.
Malicious code gaps also in Edge & Co.
Dangerous malware vulnerabilities (Windows 7 to Windows 10) also exist in Edge, HEVC Video Extensions and Remote Procedure Call Runtime. You can find more info about this in this article
What you need to do: Patch now ! What you must not do: Stand alone in the process !
Preempt attackers and successfully fend off attacks now: Our security experts are at your side with advice and support for all questions regarding cybersecurity, current attack scenarios and successful defense strategies.