Blue Hat – Computer Security Articles

From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw

April 8, 2019 admin Blue Hat, cybersecurity, DoublePulsar, Endpoint security, exploit, kernel driver, kernel sensors, kernel-mode attacks, Microsoft Defender ATP, privlege escalation, responsible vulnerability disclosure, Vulnerability, Windows Defender ATP

Credit to Author: Eric Avena| Date: Mon, 25 Mar 2019 15:00:07 +0000

Our discovery of two privilege escalation vulnerabilities in a driver highlights the strength of Microsoft Defender ATP’s sensors. These sensors expose anomalous behavior and give SecOps personnel the intelligence and tools to investigate threats, as we did.

The post From alert to driver vulnerability: Microsoft Defender ATP investigation unearths privilege escalation flaw appeared first on Microsoft Security .