Overview:

In a bid to mitigate the recently found Zero-day vulnerability in Windows Defender, Microsoft has released an urgent, out-of-band updates for its customers. The update is aimed at patching a Denial-of-Service in the Windows Defender.

CVE assigned:

CVE-2019-1255 (Microsoft Defender Denial of Service Vulnerability)

Affected Software's:
Microsoft Windows Defender

Affected platforms:

All Microsoft Windows operating systems.

Solution:

Microsoft has patched the critical security flaw in the latest security updates on all windows systems and recommend its users to apply the latest update immediately.

For more information, refer to our blog.

Use SanerNow platform to apply this critical patch quickly across the organization as shown below.

SanerNow:

Vulnerability detection and patching of Windows Defender:

1. Login to SanerNow platform
2. Switch to the account/site specific view and Go to 'VM tool'
3. If your Application (Windows Defender) is vulnerable, Saner lists the above mentioned CVE’s in 'Top Vulnerabilities or 'Recently Discovered Vulnerabilities as shown in the below image:

4. Search for this vulnerability in VM tool. If you are affected, apply the patch through PM -> Missing Patches.
5. Select 'Groups/Devices in the 'Asset Source' section and click 'Apply'.
6. Select the product ‘Windows defender' from the 'Asset' section as shown in the below diagram:

7. Select ‘Apply Selected Patches’ at the rightmost corner. This will prompt for ‘Creating Patch Task’. Fill in ‘Task Name’ and ‘Remediation Schedule as per your preference and click on ‘Apply Selected Patches as shown below:

8. Remediation job will be created, which will fix the vulnerability by upgrading Windows defender to the latest patch version.
9. Once remediation is done, the Saner agent automatically scans again and uploads the result to SanerNow as shown below: