A security researcher has disclosed two new zero-day vulnerabilities in Microsoft Defender, named "RedSun" for privilege escalation and "UnDefend" which allows a standard user to block Defender signature updates or disable the application. According to the article, these two flaws, along with a previously disclosed third exploit, are all now being actively exploited in the wild. The article does not provide specific version ranges, patch details, CVSS scores, or recommended workarounds for these vulnerabilities.
The security researcher who earlier this month published a proof-of-concept (PoC) exploit for a zero-day privilege escalation vulnerability in Microsoft Defender is back with two more. The first, dubbed “RedSun,” is another privilege escalation flaw in the same platform. The second, “UnDefend,” allows a standard user to block Microsoft Defender from receiving signature updates or disable it entirely (if Microsoft pushes a major Defender update). And, according to Huntress researchers, all three exploitation techniques have … More → The post Researcher drops two more Microsoft Defender zero-days, all three now exploited in the wild appeared first on Help Net Security .