A 12-Year-Old Bug Found in Windows’ Antivirus Software Went Unnoticed

Written on 16-02-2021

A bug in Microsoft Defender went unnoticed for 12 years. Researchers at cybersecurity firm SentinelOne found the bug last November, and the issue was later addressed with a patch on the 9th of February.

The bug, which was built into Microsoft Defender, potentially allows hackers to overwrite files or place malicious code. After 12 years, the issue has finally been addressed. The reason it went undetected for more than a decade is that the bug is not actively running on a computer’s storage; it runs in a Windows system called a dynamic-link library.

When the driver removes a suspicious file, it later replaces it with a new file. Wired said the researchers found that this issue gives attackers the opportunity to place a system link that directs the driver to overwrite an incorrect file and run malicious code.

Unlike premium antivirus software, Microsoft Defender is considered a basic antivirus product, one that has the potential to allow attackers to manipulate the system. Millions of computer users rely on this default software as the antivirus for their system, and the vulnerable software may put those users at risk from attackers.

Both Microsoft and SentinelOne agreed there is no evidence that the patched bug was exploited maliciously, but they remain on high alert so that no attackers take advantage of a vulnerability in any software, including Microsoft Defender. Microsoft has confirmed that those who have updated and installed the new patch from the 9th of this month are well protected.