Microsoft finally patches Windows Defender bug after more than a decade

Microsoft has finally patched a security flaw affecting its Microsoft Defender antivirus program (formerly Windows Defender), that has remained undetected for 12 years. The flaw, tracked as CVE-2021-24092, affects devices old enough to still be running Windows 7, all the way up to newer Windows 10 models.

The vulnerability allows threat actors to carry out a privilege escalation attack that could lead to malicious code being inserted into Microsoft Defender system files. The bug, which was discovered by security researchers SentinelOne late last year, works by taking advantage of the fact that Defender replaces deleted malicious files with benign placeholder ones. However, as the system doesn’t specifically verify these new files, attackers could create a link system that forces Defender to delete the wrong files or run malicious ones.



Source link

Microsoft finally patches Windows Defender bug after more than a decade

by govindparmar time to read: 1 min
0