Windows Defender vulnerability finally patched after 12 years

Share

• Copy link
• Facebook
• X
• Whatsapp
• Reddit
• Pinterest
• Flipboard
• Email

Share this article

Join the conversation

Follow us

Add us as a preferred source on Google

Newsletter

Get the PC Gamer Newsletter

Keep up to date with the most important stories and the best deals, as picked by the PC Gamer team.

Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors

---

By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

You are now subscribed

Your newsletter sign-up was successful

---

Want to add more newsletters?

Every Friday

GamesRadar+

Your weekly update on everything you could ever want to know about the games you already love, games we know you're going to love in the near future, and tales from the communities that surround them.

Signup +

Every Thursday

GTA 6 O'clock

Our special GTA 6 newsletter, with breaking news, insider info, and rumor analysis from the award-winning GTA 6 O'clock experts.

Signup +

Every Friday

Knowledge

From the creators of Edge: A weekly videogame industry newsletter with analysis from expert writers, guidance from professionals, and insight into what's on the horizon.

Signup +

Every Thursday

The Setup

Hardware nerds unite, sign up to our free tech newsletter for a weekly digest of the hottest new tech, the latest gadgets on the test bench, and much more.

Signup +

Every Wednesday

Switch 2 Spotlight

Sign up to our new Switch 2 newsletter, where we bring you the latest talking points on Nintendo's new console each week, bring you up to date on the news, and recommend what games to play.

Signup +

Every Saturday

The Watchlist

Subscribe for a weekly digest of the movie and TV news that matters, direct to your inbox. From first-look trailers, interviews, reviews and explainers, we've got you covered.

Signup +

Once a month

SFX

Get sneak previews, exclusive competitions and details of special events each month!

Signup +

---

An account already exists for this email address, please log in.

Subscribe to our newsletter

After twelve years of going unnoticed, a potential security threat hidden within a Windows defender driver has been exposed and fixed. The weakness in the Microsoft Defender software (as its now known) was actually flagged last November by researchers at security firm SentinelOne, but it's taken Microsoft until this week to finally patch it. 

According to Wired, the role of the driver in question is essentially to remove malicious files, while replacing them with a placeholder file—albeit an unvalidated file—which could potentially have become a target for hackers. According to SentinelOne's senior security researcher, Kasif Dekel, the software bug "allows privilege escalation,” providing administrative privileges to attackers that might attach malware to the temporary driver.

This could easily have resulted in hackers gaining control of your machine, and has put hundreds of thousands of users at risk due to the software coming pre-installed on Windows devices.

But the question remains, how has it gone unnoticed for so long?

It seems the driver may have slipped under the radar due to it not being stored locally on your machine, instead Windows employs what they call a “dynamic-link library” meaning the driver is only present temporarily, as and when it's needed. 

Thankfully it was only a vulnerability should attackers already have access to your device, whether that be remote or physical, so the threat would have to have come as an aside to other, more prevalent cyber-attack strategies. 

Try not to panic, but this kind of thing happens all the time. It's impossible to catch every bug before software rolls out. Let's just be grateful none of those pesky hackers noticed this one.