Internet

This flaw in Windows allows viruses to enter without detecting it

windows defendr is a very popular antivirus and the truth is that its performance is quite good. It protects very well from most threats, it’s free and we don’t have to do much more as it comes integrated with Windows. However, in this article we echo a bug that puts your security at risk. In fact, it allows viruses to enter without being detected.

Microsoft fixes a bug in Windows Defender

If you have not updated the system, you should install the latest versions as soon as possible. From Microsoft they have corrected a major vulnerability that affects Windows Defender and allows an attacker to sneak and execute malicious payloads on the system without triggering malware detection.

This problem only affects Windows 10. According to the security researchers behind this discovery, the vulnerability has been present since 2014. It is a problem in the security settings, which contains the list of locations that are excluded from antivirus scanning.

Basically an attacker locally I could access the Windows Registry and see what folders were on the antivirus exclusion list. These are the folders that we can add so that Windows Defender does not act on them. A way to avoid false positives on those folders, for example.

What the attacker could do is sneak malware precisely into those folders where the antivirus will not act. For example, a ransomware that is responsible for encrypting the entire system and files to ask for a ransom in return. Of course, it will always need to have physical access, which makes it not easy for them to really exploit this bug.

Fortunately, this problem is no longer such. Microsoft has released a update to address this vulnerability in Windows Defender. You just have to make sure you have the latest versions available and your computer will not be affected by this problem. Also, if you already use Windows 11, it does not affect it.

Administrator privileges to enter

The change that Microsoft has introduced is that now users who want to access the list of exclusions will need to have administrator permission. Without them they will not be able to access this information and, therefore, they will not know which folders may be excluded from the antivirus and be able to carry out attacks taking advantage of this circumstance.

Therefore, once again the importance of having updated systems at all times. We can fix security bugs like this, as well as get your computer running as smoothly as possible, with good performance. It is something that we must apply to any system or program that we use.

In addition to having everything updated correctly, you should always have a good antivirus. Windows Defender, beyond this problem that we have seen in the article, is a good security program. It’s easy to use, it protects well and it also receives constant updates to adapt to new threats. Although sometimes errors like virus detected in Windows can appear and really be a false positive. However, it is something that can happen in any security application you use.

Related Articles

Leave a Reply

Your email address will not be published.