The vulnerability, discovered by SentinelOne experts in November last year, was identified as CVE-2021-24092. It also affects other Microsoft security products, including Microsoft Endpoint Protection, Microsoft Security Essentials, and Microsoft System Center Endpoint Protection.
The problem was found in the BTR.sys driver (aka Boot Time Removal Tool), which is used to remove files and registry entries created by [...]
Various patches have been released for Windows, Edge Browser, Microsoft Office and Microsoft Office Services and Web Apps, Microsoft Windows Codecs Library, Visual Studio, SQL Server, Microsoft Malware Protection Engine, .NET Core, .NET Repository, ASP.NET, and Azure.
The biggest issue this month is undoubtedly a zero-day vulnerability in Microsoft Defender antivirus that hackers have already exploited. This bug was identified as CVE-2021-1647 and is described as an RCE [...]
Although it is not available to ordinary users and the full version is priced at about $3,500 per install, attackers still find ways to use it (for example, relying on old, pirated, jailbroken [...]
As a result, security solutions can be used for file manipulation attacks, and malware can gain elevated rights in the system.
Errors of this kind have been found in products from Kaspersky, McAfee, Symantec, Fortinet, Check Point, Trend Micro, Avira, and Microsoft Defender.
Developers have now fixed all the problems, and the identifiers assigned to them can be seen below (Avast and F-Secure solutions are still awaiting CVE [...]