What privileges could be gained by an attacker who successfully exploited this vulnerability? An attacker who successfully exploited this vulnerability could gain SYSTEM privileges. References Identification Last version of the Windows Defender Antimalware Platform affected by this vulnerability Version 4.18.23070.1004 First version of the Windows Defender Antimalware Platform with this vulnerability addressed Version 4.18.23100.2009 See Manage Updates Baselines Microsoft Defender Antivirus for more information. Microsoft Defender is disabled in my environment, why are vulnerability scanners showing that I am vulnerable to this issue? Vulnerability scanners are looking for specific binaries and version numbers on devices. Microsoft Defender files are still on disk even when disabled. Systems that have disabled Microsoft Defender are not in an exploitable state. Why is no action required to install this update? In response to a constantly changing threat landscape, Microsoft frequently updates malware definitions and the Windows Defender Antimalware Platform. In order to be effective in helping protect against new and prevalent threats, antimalware software must be kept up to date with these updates in a timely manner. For enterprise deployments as well as end users, the default configuration in Microsoft antimalware software helps ensure that malware definitions and the Windows Defender Antimalware Platform are kept up to date automatically. Product documentation also recommends that products are configured for automatic updating. Best practices recommend that customers regularly verify whether software distribution, such as the automatic deployment of Windows Defender Antimalware Platform updates and malware definitions, is working as expected in their environment. How often are the Windows Defender Antimalware Platform and malware definitions updated? Microsoft typically releases an update for the Windows Defender Antimalware Platform once a month or a
<a href="https://www.linkedin.com/in/sascha-meyer-7656201a8/">Sascha Meyer</a> with <a href="https://gai-netconsult.de/index.php">GAI NetConsult GmbH</a>