Skip to main content

A dodgy patch has left a bunch of Windows systems open to attack

man annoyed at laptop
(Image credit: fizkes / Shutterstock)

Microsoft has revealed a botched update has disabled endpoint security protections across a large number of Windows-based systems.

Although PCs running Windows 10 and Windows 11 are unaffected, the offending patch has left devices running Windows Server 2019 and 2022 open to attack.

“After installing KB5007205 or later updates, Microsoft Defender for Endpoint might fail to start or run on devices with a Windows Server Core installation,” warned Microsoft, in a post on the Windows Server health dashboard.

The company says it is currently developing a patch to address the problem, but did not respond immediately to our request for clarification as to when customers can expect the issue to be fixed.

More Windows security problems

Unfortunately, this isn’t the only issue introduced during the latest round of Windows updates. Microsoft was also forced to roll out a fix for a bug that was preventing Kaspersky antivirus apps from opening after updates were installed using the Microsoft Installer.

Unlike the Windows Server issue, this problem affected regular users running Windows 10 and 11, as well as businesses.

“After the installation of a Windows update Kaspersky Endpoint Security for Windows keeps functioning correctly and the security of the system remains intact. However, errors may occur at attempts to upgrade the application, install a private patch or change the scope of the application components,” wrote Kaspersky in a support document.

Separately, security researchers at Trend Micro disclosed an exploit for a zero-day vulnerability that could allow an attacker to seize admin privileges across all supported versions of Windows.

Microsoft attempted to remedy a connected problem as part of the most recent Patch Tuesday, but analysis of the patch revealed a bypass that led to this new, more dangerous privilege elevation vulnerability.

Via Bleeping Computer

Joel Khalili

Joel Khalili is a Staff Writer working across both TechRadar Pro and ITProPortal. He's interested in receiving pitches around cybersecurity, data privacy, cloud, storage, internet infrastructure, mobile, 5G and blockchain.