On Jan. 12th, Microsoft released a security advisory to address a remote code execution vulnerability in Microsoft Defender.
An attacker can exploit this vulnerability to gain control of an affected system remotely.
Full details can be found here: CVE-2021-1647.
How to remediate:
This exploit was patched with the January 7th Defender update. Ensure Microsoft Defender for Endpoint has been updated and configured appropriately and the issue will self-resolve. If you have any questions please don’t hesitate to reach to KiZAN for assistance.
How KiZAN can help:
KiZAN can assist by providing a patching/antivirus health check to help you validate that your update cycle is configured properly, provide best practice guidance, ensure your devices are being patched, and remediate any identified issues.
Contact our Identity, Device, and Security team for assistance.
