Security researchers from CyberArk Labs discovered security flaw in Windows operating system 10 and 8.1!
Are you running Windows 10 or Windows 8.1, then you should be aware of this security flaw discovered by industry security leaders CyberArk Labs.
“In order to abuse Windows Defender,” the researchers write, “an attacker would have to implement the SMB protocol and create a ‘pseudo-server’ that can differentiate Windows Defender’s request from normal requests.”
CyberArk Labs is a American information security company offering privileged account security. CyberArk was founded in Israel in 1999 by Alon N. Cohen and current CEO Udi Mokady.
The group goes on to explain this creates a means to trick the system into scanning a different file than the one actually carrying malware. This means attackers could execute known malware behind the pretence of a legitimate file fed from an server message block (SMB) server, according to CyberArk Labs.
A malicious file served in this way can be clicked on, and Windows Defender will scan a completely different and innocuous file – missing the malicious file. Despite this Windows will still load the real, malicious file. The technique therefore represents a means to circumvent Windows Defender, CyberArk said.
to read more about please follow this link