Patch Leaves Windows Servers Subject To Attacks


A recent patch disabled Microsoft Defender for Endpoint, leaving devices that run Windows Server 2019/2022 subject to attacks.

Although this doesn’t affect the everyday users who runs off of Windows 10 or 11. Many System Administrators and Information Technology professinals have systems that can easily be compromised due to the anti-virus system being disabled.

KB5007205 or Later

This comes from installing KB5007205 or later versions. Microsoft stated in a post that these updates might have Microsoft Defender fail to startup or run with the Windows Server Core installed. With the anti-virus coming off a recent ransomware upgrade introducing AI to their security, Microsoft is usually on top of it however, they have already came out and said they will develop a patch to resolve this issue.

Other Recent Issues

That’s all for the current issue however, Microsoft has had many other issues lately. Including another anti-virus issue for the everyday user using Windows 10 and 11 devices. This in the form of Kaspersky being unable to run after a recent update was installed via Microsoft’s built in updater.

Kaspersky put out a statement stating the following.

After the installation of a Windows update Kaspersky Endpoint Security for Windows keeps functioning correctly and the security of the system remains intact, but installation of a major update for Kaspersky Endpoint Security for Windows (for example, upgrading from version 11.6 to 11.7) becomes unavailable.

Kaspersky also put out instructions on how to fix the issue which you can view here.

There is also said to be multiple zero-dat exploits such as the one that lets you become an Administartor user instantly.

We hope this issue gets resolved shortly as it is very dangerous to run systems without having an anti-virus in place for obvious reasons. We enjoy using Kaspersky here at NoFaceTech so we were exstatic to hear that Microsoft released a patch shortly after the issue with Kaspersky. We assume they will do the same with the Servers so be on the lookout for it.