Is Windows 11 safe? Windows Defender bypassed

It seems that Windows Defender on Windows 11 can be bypassed, allowing malware to escape the sandbox and gain access to the operating system.

Security researcher @an0n_r0 describes the security gap in very little detail, but what he shares allows various conclusions to be drawn.

The researcher chose Windows 11 to test the security of Windows Defender. His goal was to escape the sandbox, which is supposed to isolate malicious code. To do so, he wrote an encrypted shell that loads the malicious code into memory.

The whole process can be activated remotely. In the following tweet, the screenshots show that all the steps of the attack worked and that the shellcode was able to retrieve data from Windows and display it in a window.

The security researcher did not provide further details on how he accomplished these steps, but said he was "working with Meterpreter."

Meterpreter is a payload for attacks carried out through Metasploit. It provides an interactive shell through which an attacker can explore the target computer and run code.

Meterpreter works by injecting a DLL in memory, and the malicious code is loaded entirely into memory. It does not write anything to the hard disk, nor does it create new processes, so the footprint of such an attack is very limited.
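
The limited footprint described above still leaves something for a defender to look at: code injected into memory usually sits in executable pages that were not mapped from an image file by the Windows loader. The following is an added example, not code from the article or from the researcher; it ranks the regions of a memory snapshot by that heuristic. The `Region` record, the scoring weights, the `jit_processes` allowlist and the sample data are assumptions made for illustration.

```python
from dataclasses import dataclass

# Values documented for MEMORY_BASIC_INFORMATION (as returned by VirtualQueryEx).
MEM_PRIVATE, MEM_MAPPED, MEM_IMAGE = 0x20000, 0x40000, 0x1000000
PAGE_READWRITE, PAGE_EXECUTE, PAGE_EXECUTE_READ = 0x04, 0x10, 0x20
PAGE_EXECUTE_READWRITE, PAGE_EXECUTE_WRITECOPY = 0x40, 0x80
EXEC_MASK = PAGE_EXECUTE | PAGE_EXECUTE_READ | PAGE_EXECUTE_READWRITE | PAGE_EXECUTE_WRITECOPY

@dataclass
class Region:            # hypothetical record, one per memory region in a snapshot
    pid: int
    process: str
    base: int
    mem_type: int
    protect: int
    head: bytes          # first bytes read from the region

def score_region(r):
    """Return (score, reasons); score 0 means ordinary loader-mapped code or data."""
    if not (r.protect & EXEC_MASK) or r.mem_type == MEM_IMAGE:
        return 0, []
    score, reasons = 1, ["executable memory not mapped from an image file"]
    if r.protect & PAGE_EXECUTE_READWRITE:
        score, reasons = score + 1, reasons + ["writable and executable (RWX)"]
    if r.head[:2] == b"MZ":
        score, reasons = score + 2, reasons + ["PE header in non-image memory"]
    return score, reasons

def triage(regions, jit_processes=frozenset(), threshold=2):
    """Rank suspicious regions, highest score first."""
    findings = []
    for r in regions:
        score, reasons = score_region(r)
        # JIT runtimes allocate private executable memory legitimately, so for
        # allowlisted processes only a PE header in such memory is reported.
        if r.process.lower() in jit_processes and r.head[:2] != b"MZ":
            continue
        if score >= threshold:
            findings.append((score, r.pid, r.process, hex(r.base), reasons))
    return sorted(findings, key=lambda f: f[0], reverse=True)

# Constructed sample snapshot (not real telemetry).
SAMPLE = [
    Region(4120, "notepad.exe", 0x7FF6A0000000, MEM_IMAGE, PAGE_EXECUTE_READ, b"MZ\x90\x00"),
    Region(4120, "notepad.exe", 0x1F0A2B30000, MEM_PRIVATE, PAGE_EXECUTE_READWRITE, b"MZ\x90\x00"),
    Region(5508, "msedge.exe", 0x2A4C0000000, MEM_PRIVATE, PAGE_EXECUTE_READWRITE, b"\x48\x89\x5c\x24"),
    Region(6012, "svchost.exe", 0x1D000000000, MEM_PRIVATE, PAGE_READWRITE, b"\x00\x00"),
]
```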


Written by giorgos
