How Microsoft found a Huawei driver that opened systems to attack
by Volker Weber
Huawei MateBook systems that are running the company's PCManager software included a driver that would let unprivileged users create processes with superuser privileges. The insecure driver was discovered by Microsoft using some of the new monitoring features added to Windows version 1809 that are monitored by the company's Microsoft Defender Advanced Threat Protection (ATP) service.
Monitoring systems were looking for attacks using technique popularized by the NSA. Quite a story.
Comments
Huawei: Inkompetenz oder Absicht? Beides unerfreulich.
Gerhard Heeke, 2019-03-27
