Article 4BWEV How Microsoft found a Huawei driver that opened systems to attack

How Microsoft found a Huawei driver that opened systems to attack

by
Peter Bright
from Ars Technica - All content on (#4BWEV)
matebookxpro5-800x533.jpg

Enlarge (credit: Valentina Palladino)

Huawei MateBook systems that are running the company's PCManager software included a driver that would let unprivileged users create processes with superuser privileges. The insecure driver was discovered by Microsoft using some of the new monitoring features added to Windows version 1809 that are monitored by the company's Microsoft Defender Advanced Threat Protection (ATP) service.

First things first: Huawei fixed the driver and published the safe version in early January, so if you're using a Huawei system and have either updated everything or removed the built-in applications entirely, you should be good to go.

The interesting part of the story is how Microsoft found the bad driver in the first place.

Read 10 remaining paragraphs | Comments

index?i=35WPGB7WRcc:ppdXWuZHmek:V_sGLiPB index?i=35WPGB7WRcc:ppdXWuZHmek:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments