A dodgy patch has left a bunch of Windows systems open to attack


Microsoft has revealed a botched update has disabled endpoint security protections across a large number of Windows-based systems.

Although PCs running Windows 10 and Windows 11 are unaffected, the offending patch has left devices running Windows Server 2019 and 2022 open to attack.

“After installing KB5007205 or later updates, Microsoft Defender for Endpoint might fail to start or run on devices with a Windows Server Core installation,” warned Microsoft, in a post on the Windows Server health dashboard.

The company says it is currently developing a patch to address the problem, but did not respond immediately to our request for clarification as to when customers can expect the issue to be fixed.

More Windows security problems

Unfortunately, this isn’t the only issue introduced during the latest round of Windows updates. Microsoft was also forced to roll out a fix for a bug that was preventing Kaspersky antivirus apps from opening after updates were installed using the Microsoft Installer.

Unlike the Windows Server issue, this problem affected regular users running Windows 10 and 11, as well as businesses.

“After the installation of a Windows update Kaspersky Endpoint Security for Windows keeps functioning correctly and the security of the system remains intact. However, errors may occur at attempts to upgrade the application, install a private patch or change the scope of the application components,” wrote Kaspersky in a support document.

Separately, security researchers at Trend Micro disclosed an exploit for a zero-day vulnerability that could allow an attacker to seize admin privileges across all supported versions of Windows.

Microsoft attempted to remedy a connected problem as part of the most recent Patch Tuesday, but analysis of the patch revealed a bypass that led to this new, more dangerous privilege elevation vulnerability.

  • Also check out our list of the best ransomware protection services

Via Bleeping Computer


Cybercriminals secretly plan to run down entire security teams, here’s what businesses can do

Previous article

Amazon Alexa bug exposed voice data

Next article

You may also like


Leave a reply

Your email address will not be published.

More in Computing