Google Project Zero posted a serious vulnerability in Windows Defender and only 24 hours later, in record time, Microsoft has released a fix to this problem.
Being named “the worst remote code execution error in Windows of recent times”. The security bug was present in the Microsoft Malware Protection Engine (MMPE), the antivirus engine offered by Windows that is built in to the operating system.
It wasn't just Windows Defender that had this major issue, some other Microsoft software titles were affected as well. The complete list is as follows:
Windows Intune Endpoint Protection
Microsoft Security Essentials
Microsoft System Center Endpoint Protection
Microsoft Forefront Security for SharePoint
Microsoft Endpoint Protection
Windows Defender is the antivirus that is activated by default in Windows 7, 8.1, RT 8.1, and Windows 10, in addition to Windows Server 2016. That makes all users with some of these versions installed, vulnerable to this serious hole in Security.
Microsoft Released an Emergency Fix May 8th and detailed here on their website: https://technet.microsoft.com/en-us/library/security/4022344
If you have not updated your system since May 8th, it would be advisable to run your updates ASAP. This is a nasty bug that can self replicate and cause major issues.