A vulnerability in Windows Defender allows malware to gain administrative privileges and write to the System32 folder by exploiting the antivirus's handling of cloud-synced files; the exploit triggers when Defender attempts to quarantine a malicious file flagged as a cloud file, causing it to be written to a privileged location. The article does not provide a CVE, CVSS score, specific affected Windows or Defender versions, a fixed version, or a recommended workaround.
Windows Defender Vulnerability Installs Malware in System32: RedSun, Undefend and BlueHammer. Zero-days in Windows Defender could let hackers install their rootkit and gain administrator privileges.