Windows Defender UnRAR Code Vulnerability : Update and Fix Quickly

Microsoft forces their own anti-malware program called Windows Defender in all installations of Windows. While this is done to ensure that everyone stays protected and safe from malware attacks, it has been causing problems lately. Some researchers at Google have discovered a bug in the Windows Defender that could lead to serious problems.

If you are using Windows Defender having the Malware Protection Engine lower than version 1.1.14700.5 then you could be vulnerable. If you scan a specially crafted file using Windows Defender, then it will take control of the system and do almost anything with your PC.

This vulnerability lies in the way Microsoft developers have used source code from an open-source program called UnRAR. They were using an obsolete version of the code having the known bugs. And so the same bug appeared in the Windows Defender too.

Microsoft has released an emergency patch to fix this vulnerability. If you have enabled automatic updates in Windows, then it will auto-download and install this new patch. According to Microsoft, the update will be downloaded automatically on end-user systems in next 2 days. Users do not have to take any action and just have to wait. But if you want to download the update manually, then you can visit https://www.microsoft.com/en-us/wdsi/definitions and download the definitions update for your version and architecture of Windows. This will update both the virus definitions and the Malware Protection Engine.

Windows Defender

If you are using another antivirus product then you really do not have to bother about updating Windows Defender and you can disable it completely. You can read more about completely disabling Windows Defender in Windows 10 from Registry Entries to Quickly Disable Windows Defender.

This vulnerability affects many versions of Windows and Windows Defender. You can read more about this vulnerability from https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0986.