Exploits Turn Windows Defender Into Attacker Tool

Threat actors are exploiting three publicly available proof-of-concept vulnerabilities—BlueHammer, RedSun, and UnDefend—to turn Microsoft Defender's built-in security functions against the systems it is meant to protect, enabling SYSTEM-level access and disrupting update mechanisms. While Microsoft has patched BlueHammer, the other two remain unpatched, and these exploits are actively used in targeted attacks that highlight systemic validation weaknesses in Defender’s privileged workflows, underscoring the need for updated defenses and multi-factor authentication for remote access.

https://www.darkreading.com/cyberattacks-data-breaches/exploits-turn-windows-defender-attacker-tool

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top