Microsoft confirms critical Windows Defender vulnerability. What you need to do right now.
There is (or was) a vulnerability in Windows Defender, but you don't have to worry about it. That's the short version.
The longer version, for those who are interested, is that Microsoft detected a fault in its homegrown antivirus software and admitted as much in an official security note, per Forbes. Microsoft's security note included an executive summary that explained the problem in something resembling layman's terms:
"Improper authorization of an index that contains sensitive information from a Global Files search in Windows Defender allows an authorized attacker to disclose information over a network," the summary read.
You May Also Like
In other words, it was theoretically possible for someone to use this exploit to send private files over a network to people who aren't meant to see them. There are apparently no known instances of anyone actually using this exploit, but it did exist. Emphasis on did.
That's because Microsoft has closed the loop on the exploit, confirming that users don't need to take any action to fix it themselves. Just don't do anything, according to Microsoft. That's easy enough.
Alex Perry is a tech reporter at Mashable who primarily covers video games and consumer tech. Alex has spent most of the last decade reviewing games, smartphones, headphones, and laptops, and he doesn’t plan on stopping anytime soon. He is also a Pisces, a cat lover, and a Kansas City sports fan. Alex can be found on Bluesky at yelix.bsky.social.
