- I wonder why Windows Defender has the privilege to alter the system files. Read them for analysis? Sure! Reset (as in, call some windows API to have it replaced with the original), why not? But being able to write sounds like a bad idea.
However, I don't know what I'm talking about so take it with a grain of salt!
by lexicality
1 subcomment
- Helpfully, the user provides a second tool which automatically turns off Windows Defender so you can't be affected by this: https://github.com/Nightmare-Eclipse/UnDefend
- I remember the times when Microsoft had a lot of problems 20 years ago because of Sasser and other viruses that were taking over Windows. They did not have any contenders. Yet they stopped all software development for 9 months just to re-work their entire codebase to prevent things like direct memory execution and stuff like that. The result of that was Windows XP Service Pack 2. After that, Windows XP became a legend.
Now, when Linux is slowly creeping on one side, and Mac NEO on another they keep releasing this AI-slop.
By the looks of it they make most of their money from the cloud and other software things nowadays. And Windows has become a sidekick in their processes.
- cl /std:c++17 /EHsc /W4 /O2 /DUNICODE /D_UNICODE /wd4005 /Fe:RedSun.exe RedSun.cpp advapi32.lib ole32.lib user32.lib
by Implement7347
0 subcomments
- I'd love to think that this person is a rogue AI (better than Claude mythos?). Dropping two zero days in one month is pretty interesting. Nice work.
- Any way to disable the entire cloud tag system?
by ranger_danger
1 subcomment
- > normally I would just drop the PoC code and let people figure it out
Looks like that's exactly what they did though?
Or maybe they just meant that they don't usually explain how it works?
- Tried to download it and Defender blocks it.
by labelbabyjunior
4 subcomments
- A local privilege escalation to root via an exploitable service?
Doesn't Linux have one of these CVEs...each week?