Microsoft closed a rather dangerous vulnerability in Microsoft Defender that has existed since 2009. The 12-year deficit covers the company’s other security products.
Microsoft fixed a fairly old vulnerability in the built-in antivirus software Microsoft Defender (formerly Windows Defender). Exactly 12 years ago, the open allowed hackers to take administrative privileges and damage the victim’s computer.
According to Microsoft’s statistics, Microsoft Defender is currently installed on more than 1 billion Windows 10 users’ computers. It was stated that the vulnerability with the reference number CVE-2021-24092 is present in all Microsoft Defender versions released since 2009.
Hackers need to access the target device remotely or physically to exploit the vulnerability. It is reported that the problem not only covered Microsoft Defender but also other security products such as Microsoft Endpoint Protection, Microsoft Security Essentials and Microsoft System Center Endpoint Protection.
Detected in November Patch arrived in February
The SentinelOne security company immediately reported the vulnerability they detected in November 2020 to the company. Microsoft released the required patch only in February 2021. Perhaps the company was comfortable with the complex way the deficit worked. Otherwise the patch should have been released much earlier.
Note that the vulnerability, which has not been detected for more than ten years, has been discovered in the BTR.sys driver. The fix included in Microsoft’s Tuesday patch released on February 9, 2021, is automatically installed on systems. So users don’t need to download and install manually.