• Technology The Government warns about a serious security problem in Windows: this is how you can solve it

  • Windows Alert for a failure in Windows that damages your computer forever

A security flaw has been present in the Windows antivirus

that comes pre-installed on PCs, Windows Defender, for 12 years going completely unnoticed until on Tuesday Windows itself solved this vulnerability with a security patch.

The security problem allowed

potential attackers to access the security privileges of the Windows system

, which are reserved only for administrators, as the cybersecurity company SentinelOne has alerted, which discovered the flaw.

The vulnerability in question was present in Microsoft Defender, the antivirus pre-installed on computers with the Windows operating system (installed on more than a

billion devices

around the world).

At least

since 2009

, this 'software' contained a 'driver' known as 'BTR.sys'.

This item is responsible for removing the system file and other resources created by malicious 'software' on infected computers.

The operation of this 'driver' did not check in one of its processes if the files deleted and created had been changed by a link, which would allow an attacker to

overwrite files on

the device, an action that can only be carried out by the administrator and is consider escalation of privilege.

There is no evidence, according to SentinelOne, that the vulnerability has been exploited by malicious actors to carry out attacks, and it could not have been detected in more than 12 years because the

vulnerable

'driver'

is a component

that is not usually stored on the hard drive, but is used and immediately deleted.

Last Tuesday, Microsoft released an update that ended the security problem, dubbed CVE-2021-24092.

The patch was distributed automatically to all Windows 10 users

, who do not have to take additional action.

However, according to SentinelOne, devices with previous versions of the system, such

as Windows 7

, remain vulnerable to potential attacks after the end of security support.

According to the criteria of The Trust Project

Know more

  • Microsoft

GadgetsThe new Apple product: a virtual reality headset

Technology Alert for a failure in Windows that damages your computer forever

Stadia deflates: they cancel the production of their own games

See links of interest

  • Holidays 2021

  • Baskonia-Joventut, live

  • RB Leipzig - FC Augsburg

  • Bologna - Benevento

  • Celta de Vigo - Elche

  • Sabadell - Real Zaragoza