Microsoft’s January Patch Tuesday security bulletin for 2021 includes fixes for one bug under active attack, possibly linked to the massive SolarWinds hacks. Microsoft addressed 10 critical bugs, one under active exploit and another publicly known bug. The most serious bug is a flaw in Microsoft s Defender anti-malware software that allows remote attackers to infect targeted systems with executable code. Microsoft also re-patched a vulnerability, that researchers believe was also being exploited in the wild, tracked as CVE-2021-1648.
Source: https://threatpost.com/critical-microsoft-defender-bug-exploited/162992/