the Red Sun vulnerability is genuinely one of the funniest bugs i've seen in a while
Windows Defender finds a malicious file with a cloud tag and instead of quarantining or deleting it...
it helpfully rewrites the file back to its original location
the antivirus. protecting you. by restoring the malware.
the PoC abuses this to overwrite system files and escalate to admin privileges
the core idea is brilliant in the most embarrassing way possible
sometimes the best vulnerabilities aren't clever exploits
they're just Microsoft being Microsoft
I filled up this account 7+ years ago
It's free to listen and only a couple hundred people ever listened to the Crazy DJ sessions and Broadcasts were either LIVE ONLY or Missed at the time
So you need a different soundtrack to your day?
Try Ochelli Style
https://t.co/FrespixOeV
MICROSOFT IGNORED HIM. NOW YOUR PC PAYS FOR IT
One researcher reported a critical Defender vulnerability privately. Microsoft dismissed it. So he published it - then dropped 2 more in 13 days.
The latest is called RedSun. It's unpatched. It works 100% reliably on Windows 10, 11 and Server right now.
It doesn't bypass your antivirus. It uses your antivirus as a weapon.
Defender tries to restore a flagged file - the exploit redirects that write into C:\Windows\System32. No admin. No popup. SYSTEM access in seconds.
-> BlueHammer - patched
-> UnDefend - breaks Defender updates forever
-> RedSun - unpatched, public PoC on GitHub
His message to Microsoft: "I was not bluffing. And I'm doing it again."
RCE is reportedly next. That one needs zero physical access.
This was the prediction with mRNA vaccine and AI tech
The theory being mRNA was tested on everyone to speed up data acquisition by decades in a matter of years
@stclairashley remember that day in all two way things up fount way he living streaming the shooting begin with. then girl friend shut down their social media then runs from us and fbi hunt for her back in phippions.