A security researcher has recently unveiled a significant vulnerability within Microsoft Defender, which could potentially grant hackers administrative access to systems running Windows 10, Windows 11, and Windows Server. This revelation comes after the researcher, known as Chaotic Eclipse, expressed frustration over Microsoft’s lack of response to previous reports regarding the flaw.
In a new GitHub repository named RedSun, Chaotic Eclipse detailed the exploit, highlighting a rather ironic twist in the behavior of Windows Defender. The antivirus software, upon detecting a malicious file with a cloud tag, mistakenly opts to rewrite the file back to its original location instead of removing it. This peculiar action can be manipulated to overwrite system files, thereby granting elevated privileges to unauthorized users. As Chaotic Eclipse humorously noted, “I think antimalware products are supposed to remove malicious files, not be sure they are there, but that’s just me.”
Chaotic Eclipse’s decision to disclose the exploit, despite the inherent risks of doing so, stems from a deep-seated frustration with the Microsoft Security Response Center (MSRC). In a candid blog post, he recounted his experience with the MSRC, stating that he was met with hostility rather than support. “I was told personally by them that they will ruin my life and they did,” he lamented, indicating a sense of personal grievance against the corporate giant.
No solution in sight yet
The vulnerability was identified following April’s Patch Tuesday and remains unaddressed by Microsoft, leaving millions of users vulnerable. Although there is currently no evidence that this vulnerability is being actively exploited in the wild, the situation could change rapidly if malicious actors take advantage of the information shared by Chaotic Eclipse.
In light of this ongoing issue, users are advised to consider supplementing Microsoft Defender with additional antivirus solutions to bolster their security. For those seeking recommendations, PCWorld has curated a list of the best antivirus software options for Windows users.
This article was originally published in German by our sister publication, PC-WELT, and has been translated and localized for our audience.
Author: Laura Pippig, Staff Writer, PC-WELT