Defender bypass allows threats to be removed from protection database
A lot of people rely on Windows Defender to protect their systems, it's free and installed by default so why not?
Defender uses a blacklisting approach to stop threats. Before allowing a file to execute, it will compare it against its database of known threats and stop it from executing if it's on there. However, researchers at SafeBreach have uncovered an exploit that can allow threats to be removed from the database.
Microsoft panics Windows 11 users with 'Local Security Authority protection is off' warning
Users of Windows 11 have been concerned by the appearance of a message that reads: "Local Security protection is off. Your device may be vulnerable". Microsoft is blaming a recent update (KB5007651) for the warning which implies that an important security feature has been disabled.
The issue affects Windows 11 version 21H2 and 22H2, and those hit by the message have been left confused about what they need to do. So what is going on?