Friday 12 February 2021
The impact of this issue announcement is critical. Please act accordingly to rectify the issue, as stated below.
What's affected:
Microsoft Defender Antivirus (formerly Windows Defender), Microsoft Endpoint Protection, Microsoft Security Essentials, and Microsoft System Center Endpoint Protection.
What you need to know:
As part of Patch Tuesday, Microsoft has fixed a privilege escalation vulnerability (CVE-2021-24092) in Microsoft Defender that could allow hackers to gain admin rights on unpatched Windows systems. This vulnerability affects Defender versions dating back to 2009, as well as client and server releases from Windows 7 and up.
Actions to be taken:
Updates come in automatically.