On April 3rd, Microsoft issued an out-of-band (outside of their usual schedule of the second Tuesday of the month) update to address a critical vulnerability within the Microsoft Malware Protection Engine (part of Windows Defender, Microsoft Security Essentials, Windows Intune Endpoint Protection, Exchanger Server 2013 and 2016 and Microsoft Forefront Endpoint Protection 2010).
Since these anti-malware applications are designed to automatically update; they should install the updated Malware Protection Engine within 48 hours.
If you wish to verify that your installation of these products has been updated, please follow the steps within this knowledge base article (please see the heading “Verification of the update installation”).
The updated Malware Protection Engine version is 1.1.14700.5 (or a later/higher version). Thank you.