Windows Defender is vulnerable: They find a flaw that puts millions of users at risk

A vulnerability has been discovered in Windows Defender, with cyber criminals taking advantage of it to jeopardize the security of users of the Microsoft operating system.

Trend Micro, a cybersecurity company, was responsible for finding the issue, which was identified as CVE-2024-21412 and has already been fixed. Preventing more people from being attacked.

CVE-2024-21412 is a zero-day vulnerability discovered in Windows DefendR. This flaw allows bypasses in Windows Defender SmartScreen, including bypassing security systems implemented in computer networks, applications, or devices.

This error makes it easier to carry out malware attacks, Also included is infection with the DarkMe remote access trojan (RAT), used for data theft and ransomware.

After identifying the threat, the company contacted Microsoft to find a solution and avoid putting more users at risk.

The solution from the company that owns Windows was to release a virtual patch as a temporary measure to protect its customers’ systems against the CVE-2024-21412 exploit. Additionally, it highlighted the importance of threat intelligence to keep customers safe from emerging threats even before official patches are released by vendors.

These types of “zero-day” flaws are an increasingly popular way for threat actors to achieve their goals, said Kevin Simzer, Trend’s COO, because attackers can “identify limited patches from vendors and bypass them.” can do”.

The CVE-2024-21412 vulnerability represents a significant risk to Windows Defender users. Allowing attackers to avoid detection by Windows Defender SmartScreen opens the door to potential malware attacks, such as the DarkMe remote access trojan, Which can result in theft of sensitive data and distribution of ransomware.

Being a zero-day issue in the Windows security system, it is a problem that exposes millions of users around the world who use this type of software.

Given the severity of this vulnerability, users are advised to take immediate steps to protect their systems. This includes applying virtual patches provided by Trend Micro as well as keeping your systems and software updated regularly.

Besides, Being attentive to possible performance problems on the computer is important to determine if the device was tampered with and be able to take action.

Recently, macOS users have been the target of a malware attack designed to steal files from their computers. This malicious software, known as Trojan.MAC.RustDoor, has raised concerns because, in addition to its reach, Has the ability to bypass device security systems and compromise user privacy,

Besides, This malware went unnoticed because it was hidden behind a supposed update to Microsoft’s Visual Studio Code editorWhich makes it difficult for people to identify.

One of the features of this malware is its ability to selectively steal files and send them to a remote command and control server. Using the Rust programming language, Trojan.MAC.RustDoor can avoid detection and analysis by traditional security systems, making it especially dangerous for macOS users.

The delivery methods used by this attack are diverse. In addition to spoofing legitimate Visual Studio updates, the malware uses misleading names to trick users into downloading a malicious file.

Once in the system, Trojan.MAC.RustDoor performs a variety of malicious actions, including data collection, file manipulation, and extracting information about the infected device.