How Microsoft found a Huawei driver that opened systems to attack

by Volker Weber

Huawei MateBook systems that are running the company's PCManager software included a driver that would let unprivileged users create processes with superuser privileges. The insecure driver was discovered by Microsoft using some of the new monitoring features added to Windows version 1809 that are monitored by the company's Microsoft Defender Advanced Threat Protection (ATP) service.

Monitoring systems were looking for attacks using a technique popularized by the NSA. Quite a story.

Comments

Huawei: Incompetence or intent? Both are unpleasant.

Gerhard Heeke, 2019-03-27
