A critical security flaw in Windows Defender has been exposed, allowing attackers to gain SYSTEM-level access on Windows machines without requiring a password or user interaction. The vulnerability, tracked as RedSun, lets attackers write files with elevated privileges. This means an attacker could take complete control of a system, install malware, or steal data without the victim noticing.
Microsoft was informed of the issue months ago but has not yet released a patch. The company has not commented on when a fix will be available. Security researchers warn that the flaw is already being exploited in targeted attacks. Users with automatic updates disabled are at the highest risk.
The flaw lies in how Windows Defender processes certain file types. When an attacker tricks the system into scanning a malicious file, the software mistakenly grants it SYSTEM permissions. This bypasses standard security measures, making it a serious threat to both personal and corporate users.
Experts recommend disabling Windows Defender’s real-time scanning as a temporary workaround. Microsoft’s delayed response has drawn criticism from cybersecurity professionals. The company typically patches critical flaws within days, but this case remains unresolved after weeks of warnings.
The RedSun vulnerability highlights ongoing issues with built-in security tools. Unlike third-party antivirus software, Windows Defender is pre-installed on most Windows systems, making the flaw particularly dangerous.
Source: itavisen.no