Technology The Government warns about a serious security problem in Windows: this is how you can solve it
Windows Alert for a failure in Windows that damages your computer forever
A security flaw has been present in the Windows antivirus
that comes pre-installed on PCs, Windows Defender, for 12 years going completely unnoticed until on Tuesday Windows itself solved this vulnerability with a security patch.
The security problem allowed
potential attackers to access the security privileges of the Windows system
, which are reserved only for administrators, as the cybersecurity company SentinelOne has alerted, which discovered the flaw.
The vulnerability in question was present in Microsoft Defender, the antivirus pre-installed on computers with the Windows operating system (installed on more than a
billion devices
around the world).
At least
since 2009
, this 'software' contained a 'driver' known as 'BTR.sys'.
This item is responsible for removing the system file and other resources created by malicious 'software' on infected computers.
The operation of this 'driver' did not check in one of its processes if the files deleted and created had been changed by a link, which would allow an attacker to
overwrite files on
the device, an action that can only be carried out by the administrator and is consider escalation of privilege.
There is no evidence, according to SentinelOne, that the vulnerability has been exploited by malicious actors to carry out attacks, and it could not have been detected in more than 12 years because the
vulnerable
'driver'
is a component
that is not usually stored on the hard drive, but is used and immediately deleted.
Last Tuesday, Microsoft released an update that ended the security problem, dubbed CVE-2021-24092.
The patch was distributed automatically to all Windows 10 users
, who do not have to take additional action.
However, according to SentinelOne, devices with previous versions of the system, such
as Windows 7
, remain vulnerable to potential attacks after the end of security support.
According to the criteria of The Trust Project
Know more
Microsoft
GadgetsThe new Apple product: a virtual reality headset
Technology Alert for a failure in Windows that damages your computer forever
Stadia deflates: they cancel the production of their own games
See links of interest
Holidays 2021
Baskonia-Joventut, live
RB Leipzig - FC Augsburg
Bologna - Benevento
Celta de Vigo - Elche
Sabadell - Real Zaragoza