Microsoft has confirmed a critical security vulnerability in Windows Defender, identified as CVE-2024-49071, which could have allowed unauthorized access to sensitive data across a network. Despite the severity, users are not required to take any action as Microsoft has already mitigated the issue server-side. This approach aligns with Microsoft's new transparency policy on server-side vulnerabilities, ensuring users are informed without needing to install updates themselves.
Hackers are exploiting a high-severity vulnerability in Windows SmartScreen to spread the Phemedrone info-stealing malware, bypassing security warnings and potentially compromising user data. Updating Windows with the latest security patches is crucial to protect against this threat, as hackers are using trusted cloud services and URL shorteners to disguise malicious files. Users are advised to be cautious when downloading files and to stick to trusted sources, as hackers may exploit compromised accounts to spread malware. While the SmartScreen flaw has been patched, vigilance and regular software updates are essential to stay safe from evolving cyber threats.
A trojanized installer for the popular Super Mario 3: Mario Forever game for Windows is infecting users with multiple malware infections, including an XMR miner and an information stealer called Umbral Stealer. The malware is likely promoted on gaming forums or social media groups and is distributed through unknown channels. Users should scan their computers for malware, reset passwords at sensitive sites, and download software only from official sources.
A CPU bug affecting Firefox users on Windows was actually the fault of Windows Defender's MsMpEng.exe, which handles the Real-Time protection feature that monitors web activity for malicious threats. The bug was causing Firefox to call on the service much more frequently than comparable browsers like Chrome or Edge, resulting in notable CPU spikes. The latest update to Windows Defender addresses the issue, resulting in measurably lower CPU usage for the Windows version of Firefox.
Microsoft has released a bug-fixing update to its Windows Defender antimalware application that resolves a five-year-old issue that was negatively affecting Firefox users during their web browsing sessions. The issue was caused by the Antimalware Service Executable component of Defender (MsMpEng.exe) that was executing a high number of calls to the OS kernel's VirtualProtect function while tracing Windows events (ETW). This was using five times the CPU power with Firefox compared to other browsers. The recent update for Defender's antimalware engine provides a massive ~75% improvement in CPU usage while browsing the web with Firefox.
Microsoft has finally fixed a five-year-old bug related to Windows Defender and its Antimalware Service Executable (MsMpEng.exe) service that caused high CPU usage on Mozilla Firefox. The bug was resolved by the efforts of Microsoft and the Mozilla development team, and the fix is now available for all users as part of regular definition updates. The bug did not affect Windows 7 and 8.1 users. There is further scope for improvements to the processor usage in Firefox when compared to Chrome.
