MICROSOFT PATCHES DEFENDER ZERO-DAYS IN ACTIVE ATTACKS
SECURITY DESK
THU, MAY 21, 2026 | AI-SUMMARIZED FROM 4 SOURCES
Microsoft released security patches Wednesday for two Windows Defender vulnerabilities being actively exploited by attackers. The zero-day flaws pose immediate risk to unpatched systems.
Microsoft began deploying fixes for the two critical Defender vulnerabilities this week after confirming they were already under active exploitation. The timing suggests attackers discovered and weaponized the flaws before Microsoft became aware of them, giving threat actors a window to target vulnerable systems.
The company did not immediately disclose technical details of the vulnerabilities or the scope of the attacks. However, the decision to expedite patches indicates Microsoft assessed the threats as severe enough to warrant priority distribution.
Zero-day exploits—attacks leveraging previously unknown security flaws—are particularly dangerous because defenders have no advance notice to develop protections. Windows Defender's central role in system security makes vulnerabilities in the software especially valuable to threat actors.
Organizations running affected Defender versions should apply patches immediately through Windows Update or Microsoft's security portal. Users can check their system settings to verify automatic updates are enabled.
This incident underscores ongoing pressure on Microsoft to maintain security across its sprawling software ecosystem. Defender vulnerabilities are particularly sensitive given their privileged system access and widespread deployment across consumer and enterprise environments.
Microsoft has not attributed the attacks to specific threat groups or disclosed affected customer counts. The company typically provides more details in security advisories published on its website.
Users who cannot immediately patch should consider implementing additional defensive measures, including disabling unnecessary features, restricting administrative access, and monitoring for suspicious system activity.