Explore a critical security vulnerability in Windows Defender and Microsoft 365 Defender through this 39-minute Black Hat conference talk. Dive deep into the Windows Defender architecture, signature database format, and update process, with a focus on security verification logic. Discover how adversaries can exploit a powerful 0day vulnerability to compromise Windows agents and servers worldwide. Learn about the potential risks to enterprise machines using Microsoft 365 Defender. Presented by Omer Attias and Tomer Bar, this eye-opening session reveals the unexpected security implications of Windows Defender updates and provides valuable insights for cybersecurity professionals and IT administrators.
Defender-Pretender - When Windows Defender Updates Become a Security Risk
Overview
Syllabus
Defender-Pretender: When Windows Defender Updates Become a Security Risk
Taught by
Black Hat
Related Courses
-
MD-101 Manage Windows client security
-
MD-102 Manage endpoint security
-
When Windows Defender Updates Become a Security Risk
-
MS-101 Manage your security services in Microsoft Defender XDR
-
SC-200: Mitigate threats using Microsoft Defender for Endpoint
-
MS-101 Explore security metrics in Microsoft Defender XDR
