If you're running Windows Defender (quite a strong possibility if you're running Windows), make sure you've got all your updates. Microsoft issued a patch this past Monday for a vulnerability in its malware protection engine that could allow a remote attacker to gain control over any affected system simply by sending the victim a specially-crafted e-mail or instant message. The exploit can be activated when Windows Defender simply scans a piece of data, and doesn't require any action behalf of a local user to take effect.
The first public news of the flaw came from a series of tweets by one of the folks who discovered it. Tavis Ormandy and Natalie Silvanovich both work for Google's Project Zero security research team. The pair tweeted vaguely about the vulnerability on Friday night, saying it was "the worst Windows remote code execution flaw in recent memory." Despite requests for further details, the pair declined to provide any further information, saying that they would wait until it was patched.
Fortunately, Microsoft has already issued a patch for the bug. If you want to make sure your system is up-to-date, check your Engine version in "Windows Defender settings." Version 1.1.13704 is the patched version. Of course, people relying on third-party anti-malware software don't have to worry about it.
|Radeon 17.9.2 drivers put the pedal to the metal for Project Cars 2||1|
|ROG Strix X299-XE Gaming motherboard is rather groovy||4|
|Miniature Golf Day Shortbread||15|
|GeForce 385.69 drivers are Game Ready for a ton of titles||2|
|Thursday deals: big external drives, a sweet case, and more||4|
|Google acqui-hires 2,000 HTC employees for $1.1 billion||24|
|Some of AMD's next chips will arrive on GloFo's new 12LP process||47|
|The Tech Report System Guide: September 2017 edition||65|
|Intel shows off 10-nm Cannon Lake wafer and talks process tech||26|
|I still would strongly recommend against any of Kaby-Lake X SKUs unless you plan on upgrading to a Skylake-X down the road. Just stick with 7700K and...||+23|