Microsoft has issued emergency patches for two zero-day vulnerabilities in Microsoft Defender's malware protection components. Local attackers could exploit them to elevate system privileges or disrupt the anti-malware service. These flaws are particularly valuable to attackers because they can prevent detection by Microsoft's endpoint protection and grant full system control. The United States Cybersecurity and Infrastructure Security Agency (CISA) has taken notice and added the vulnerabilities to its list, indicating a high level of concern. That CISA has already acted suggests the window for patching is rapidly shrinking. For practitioners, what matters is to assess and address their systems' exposure to these flaws immediately, since the likelihood of exploitation has increased with CISA's involvement.