When Windows Defender Updates Become a Security Risk

DEFCONConference via YouTube

Overview

Explore a DEF CON 31 conference talk that reveals critical vulnerabilities in Windows Defender's signature update process. Dive deep into Windows Defender architecture, signature database format, and update process security verification logic to understand how unprivileged users can potentially compromise Windows systems without requiring a rogue certificate. Learn about Defender-Pretender, a tool demonstrating how attackers can neutralize EDR capabilities, enabling malicious code execution without detection and potentially causing irreversible system damage through forced deletion of critical files. Discover the implications of manipulating Defender's detection and mitigation logic, highlighting significant security risks in what should be a highly secured update process.

Syllabus

DEF CON 31 - Defender Pretender When Windows Defender Updates Become a Security Risk -Bar, Attias

Taught by

DEFCONConference
