Hackers take advantage of Microsoft Defender's 8-year-old weakness to bypass the virus detection system
Like any other antivirus, Microsoft Defender allows users to add exclusions (locally or on a network) on their system. When scanning for viruses, Microsoft Defender will ignore these excluded areas and folders.
Users often create exclusions to prevent antivirus software from interfering with a legitimate application that is mistakenly detected as a virus.
Security researchers discovered that the list of locations excluded from Microsoft Defender's scanning was not protected at all. As a result, any local user can access this list.
Regardless of permissions, users can access the Registry and find the list of locations excluded from scanning. A hacker can then plant a virus in those excluded locations and execute the malicious code without fear of detection.
Because the excluded directories differ for each user, there is no universal way to determine them for all computers. This also makes it easier for hackers to hide their behavior.
The news site BleepingComputer ran tests that confirmed the problem. The tests showed that ransomware executed from an excluded folder was able to run and encrypt the entire computer without any hindrance or warning from Microsoft Defender.
A security consultant discovered this problem 8 years ago and recognized the advantage it gave hackers.
Because the weakness has existed for so long and Microsoft has not taken action to patch it, users and administrators should actively protect themselves by correctly configuring exclusions on servers and local machines via group policies.
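One way an administrator can review the exclusions discussed above, as an added example that is not from the original article or from Microsoft: the PowerShell function below reports path exclusions whose folder ACL grants write access to low-privileged groups. The function name `Get-WritableExclusion` and the choice of groups to check are assumptions made for this example.

```powershell
# Added example: flag Defender path exclusions that low-privileged users can write to.
# Run from an elevated PowerShell session on the machine being audited.

# Well-known SIDs of broad, low-privileged groups (the selection is an assumption).
$LowPrivSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}
# WriteData/CreateFiles (0x2), AppendData/CreateDirectories (0x4), GENERIC_ALL, GENERIC_WRITE.
# Modify, Write and FullControl all include the first two bits.
$WriteBits = 0x2 -bor 0x4 -bor 0x10000000 -bor 0x40000000

function Get-WritableExclusion {
    param([string[]]$Path = (Get-MpPreference).ExclusionPath)
    foreach ($p in $Path) {
        $expanded = [Environment]::ExpandEnvironmentVariables($p)
        if ($expanded -match '[*?]') {
            # An ACL check on a single folder cannot cover a wildcard pattern.
            [pscustomobject]@{ Exclusion = $p; Finding = 'Wildcard exclusion: review manually'; Principal = $null }
            continue
        }
        if (-not (Test-Path -LiteralPath $expanded)) {
            [pscustomobject]@{ Exclusion = $p; Finding = 'Path does not exist: stale exclusion'; Principal = $null }
            continue
        }
        # Ask for the rules with SIDs so the check does not depend on localized group names.
        $acl   = Get-Acl -LiteralPath $expanded
        $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
        foreach ($rule in $rules) {
            $sid = $rule.IdentityReference.Value
            if ($rule.AccessControlType -eq 'Allow' -and $LowPrivSids.ContainsKey($sid) -and
                ([int]$rule.FileSystemRights -band $WriteBits)) {
                [pscustomobject]@{ Exclusion = $p; Finding = 'Writable by low-privileged principal'; Principal = $LowPrivSids[$sid] }
            }
        }
    }
}

Get-WritableExclusion | Format-Table -AutoSize
```

Each row is an exclusion worth removing, narrowing, or moving to a folder that only administrators can write to.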