fbpx
Frame-14

Privacy Ninja

        • DATA PROTECTION

        • CYBERSECURITY

        • Penetration Testing

          Secure your network against various threat points. VA starts at only S$1,000, while VAPT starts at S$4,000. With Price Beat Guarantee!

        • API Penetration Testing
        • Enhance your digital security posture with our approach that identifies and addresses vulnerabilities within your API framework, ensuring robust protection against cyber threats targeting your digital interfaces.

        • On-Prem & Cloud Network Penetration Testing
        • Boost your network’s resilience with our assessment that uncovers security gaps, so you can strengthen your defences against sophisticated cyber threats targeting your network

        • Web Penetration Testing
        • Fortify your web presence with our specialised web app penetration testing service, designed to uncover and address vulnerabilities, ensuring your website stands resilient against online threats

        • Mobile Penetration Testing
        • Strengthen your mobile ecosystem’s resilience with our in-depth penetration testing service. From applications to underlying systems, we meticulously probe for vulnerabilities

        • Cyber Hygiene Training
        • Empower your team with essential cybersecurity knowledge, covering the latest vulnerabilities, best practices, and proactive defence strategies

        • Thick Client Penetration Testing
        • Elevate your application’s security with our thorough thick client penetration testing service. From standalone desktop applications to complex client-server systems, we meticulously probe for vulnerabilities to fortify your software against potential cyber threats.

        • Source Code Review
        • Ensure the integrity and security of your codebase with our comprehensive service, meticulously analysing code quality, identifying vulnerabilities, and optimising performance for various types of applications, scripts, plugins, and more

        • Email Spoofing Prevention
        • Check if your organisation’s email is vulnerable to hackers and put a stop to it. Receive your free test today!

        • Email Phishing Excercise
        • Strengthen your defense against email threats via simulated attacks that test and educate your team on spotting malicious emails, reducing breach risks and boosting security.

        • Cyber Essentials Bundle
        • Equip your organisation with essential cyber protection through our packages, featuring quarterly breached accounts monitoring, email phishing campaigns, cyber hygiene training, and more. LAUNCHING SOON.

Microsoft Fixes Bug Blocking Defender for Endpoint on Windows Server

Microsoft Fixes Bug Blocking Defender for Endpoint on Windows Server

Microsoft has addressed a known issue that plagued Windows Server customers for weeks, preventing the Defender for Endpoint enterprise security platform from launching on some systems.

When it acknowledged the bug in November, Microsoft explained that the endpoint security solution (previously known as Microsoft Defender Advanced Threat Protection or Defender ATP) failed to start or run on devices running Windows Server Core installations.

Also Read: Top 25 Data Protection Statistics That You Must Be Informed

The issue only impacts devices where customers installed Windows Server 2019 and Windows Server 2022 security updates issued during last month’s Patch Tuesday.

Microsoft addressed the bug with the release of KB5008223 this week as part of the December 2021 Patch Tuesday.

As Redmond revealed, KB5008223 “addresses a known issue that might prevent Microsoft Defender for Endpoint from starting or running on devices that have a Windows Server Core installation.”

You can install this cumulative update through Windows Update and Microsoft Update, Windows Update for Business, Windows Server Update Services (WSUS), and the Microsoft Update Catalog.

Reports of Defender crashes and false positives

After Microsoft confirmed this Defender for Endpoint issue, BleepingComputer also spotted reports of Microsoft Defender Antivirus crashes with EventID 3002 notifications (MALWAREPROTECTION_RTP_FEATURE_FAILURE) and “Real-time protection encountered an error and failed” errors codes.

They occurred after installing security intelligence updates between versions 1.353.1477.0 and 1.353.1486.0 and were fixed by Microsoft with the release of version 1.353.1502.0.

Later last month, Microsoft Defender for Endpoint also scared Windows admins with Emotet false positives, as it started blocking Office documents from being opened and some executables from launching, falsely tagging them as potentially bundling Emotet malware payloads.

Also Read: Completed DPIA Example: 7 Simple Helpful Steps To Create

While Microsoft didn’t reveal what triggered these false positives, the most likely reason was that the company increased the sensitivity for detecting Emotet-like behavior making its generic behavioral detection engine too sensitive.

The change was probably prompted by the recent revival of the Emotet botnet from two weeks ago, when Emotet research group Cryptolaemus, GData, and Advanced Intel began seeing TrickBot deploying Emotet loaders on infected devices.

Since October 2020, Windows admins have dealt with similar false positive issues affecting Defender for Endpoint, including one that marked network devices infected with Cobalt Strike and another that tagged Chrome updates as PHP backdoors.

0 Comments

KEEP IN TOUCH

Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!

Personal Data Protection

REPORTING DATA BREACH TO PDPC?

We have assisted numerous companies to prepare proper and accurate reports to PDPC to minimise financial penalties.
×

Hello!

Click one of our contacts below to chat on WhatsApp

× Chat with us