Microsoft Defender lets hackers know where to install malware

Forget what we said before…. Hackers Exploit a Weakness Affecting the Microsoft Defender Application on Windows to Learn Unscanned Sites to Install There software.

The vulnerability has been around for at least eight years, according to some users, and affects Windows 10 from version 21H1 to 21H2.Windows Defender

Όπως κάθε εφαρμογή προστασίας, το Microsoft Defender επιτρέπει στους χρήστες να προσθέτουν τοποθεσίες (τοπικές ή στο ) στα συστήματά τους που θέλουν να εξαιρεθούν από σαρώσεις κακόβουλου λογισμικού.

So there are many who add exceptions to antivirus that make it easier for other applications that are incorrectly detected as malware.

Βέβαια η λίστα των εξαιρέσεων σάρωσης διαφέρει από τον ένα χρήστη στον άλλο, Οι αυτές είναι πολύ χρήσιμες για κάποιον εισβολέα, καθώς γνωρίζει που μπορεί να αποθηκεύσει το κακόβουλο λογισμικό για μην εντοπιστεί.

The so they discovered that the list of sites excluded from Microsoft Defender scanning is not protected and any local user can access it.

Local users can ask the registry questions and learn the paths that Microsoft Defender is not allowed to check for malware or dangerous files, and they do not even need administrator privileges.windef

Antonio Cocomazzi, a security researcher at SentinelOne, reports on the Bleepingcomputer. that there is no protection for this information, which should be considered sensitive, and that executing the "reg query" command reveals all instructions received by Microsoft Defender to scan files, folders, extensions, or processes.

Another researcher, Nathan McNulty, confirmed that the problem exists in versions 21H1 and 21H2 of Windows 10, but does not affect Windows 11.

McNulty also confirmed that one can obtain the list of exceptions from the registry with entries that store the political group. This information is very sensitive as it provides exceptions for many computers. The Best Technology Site in Greecefgns

Subscribe to via Email

Subscribe to this blog and receive notifications of new posts by email.

malware, Microsoft Defender, iguru

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).