How Microsoft found a Huawei driver that opened systems to attack

by Volker Weber

Huawei MateBook systems that are running the company's PCManager software included a driver that would let unprivileged users create processes with superuser privileges. The insecure driver was discovered by Microsoft using some of the new monitoring features added to Windows version 1809 that are monitored by the company's Microsoft Defender Advanced Threat Protection (ATP) service.

Monitoring systems were looking for attacks using technique popularized by the NSA. Quite a story.

More >


Huawei: Inkompetenz oder Absicht? Beides unerfreulich.

Gerhard Heeke, 2019-03-27

Old archive pages

I explain difficult concepts in simple ways. For free, and for money. Clue procurement and bullshit detection.


Paypal vowe