Windows Security Software Had a Flaw That Let Ransomware Through. Update Now.
A vulnerability in Microsoft Defender was exploited by criminals before a fix was available, allowing ransomware attacks to succeed on Windows computers.
Source
SecurityWeek
Original headline: BlueHammer Vulnerability Exploited in Ransomware Attacks
Plain-English summary by GetCyberRight. Read the full report at the source above.
Microsoft Defender, the security software built into Windows computers, had a serious vulnerability that criminals exploited to launch ransomware attacks. This flaw was being used by hackers before Microsoft could release a fix, which is known as a zero day (a newly discovered software flaw with no fix yet) attack.
Ransomware locks your files and demands payment to unlock them. This affects anyone using Windows computers with Microsoft Defender. Since Defender comes automatically with Windows, this includes most home users, families, and businesses running Windows.
Stay one step ahead of scammers
Weekly cybersecurity briefings for families. No spam, just the threats that matter and what to do about them.
The criminals used this weakness to bypass the very software designed to protect your computer from threats like ransomware.
- Update Windows immediately. Go to Settings, then Windows Update, and click Check for Updates. Install all available updates, especially security updates.
- Restart your computer after updates finish installing. Many security patches only take effect after a restart.
- Make sure Windows is set to install updates automatically. In Windows Update settings, enable automatic updates so you receive future fixes right away.
- Back up your important files to an external hard drive or cloud service today. If ransomware does strike, backups let you restore your files without paying criminals. Going forward, maintain regular backups of your photos, documents, and other irreplaceable files. Keep your backup drive disconnected when not in use, so ransomware cannot encrypt it along with your computer. Train family members to recognize suspicious emails and links, since these are common ways ransomware gets installed. Regular updates and backups are your best defense against these attacks.
Curated from trusted cybersecurity sources by GetCyberRight
Source: SecurityWeekStay ahead of cyber threats
Get our free weekly digest. Real threats, plain language, what to do about them. No spam, ever.
More articles

Citrix Fixes Security Flaw Similar to Previous Major Breach
Citrix has patched a new security flaw in its NetScaler products. This mainly affects businesses using Citrix systems, not individual home users.
2 min read
Citrix Fixes Security Flaw in Business Software: Check If Your Workplace Is Protected
Citrix patched a serious security flaw in NetScaler software used by many companies. This affects workplace systems, not home computers.
2 min readWindows Security Software Flaw Used in Ransomware Attacks
A vulnerability in Microsoft Defender was exploited by criminals to launch ransomware attacks before Microsoft could release a security fix.
2 min readMajor Law Firm Suffers Data Breach: What to Know if You're a Client
Fox Rothschild, a top 100 law firm, experienced a data breach by a group that targets legal practices. Client information may have been exposed in the attack.
2 min read