EUVD-2022-28364

Malicious code in bioql PyPI...

📄 Microsoft Defender for Endpoint Privilege Escalation

Proof of concept exploit that demonstrates a privilege escalation vulnerability in Microsoft Defender for Endpoint MDE. !/bin/bash Exploit Title: Microsoft Defender for Endpoint MDE - Elevation of Privilege Date: 2025-05-27 Exploit Author: Rich Mirch Vendor Homepage:...

CVE-2024-43614

Relative path traversal in Microsoft Defender for Endpoint allows an authorized attacker to perform spoofing locally...

March 28, 2023—KB5023778 (OS Build 22621.1485) Preview

March 28, 2023—KB5023778 OS Build 22621.1485 Preview For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 11, version 22H2, see its update history page. Note Follow @WindowsUpdate to...

Security feature bypass

Microsoft Defender for Endpoint Security Feature Bypass Vulnerability...

Improving AI-based defenses to disrupt human-operated ransomware

Microsoft’s deep understanding of human-operated ransomware attacks, which are powered by a thriving cybercrime gig economy, continuously informs the solutions we deliver to protect customers. Our expert monitoring of threat actors, investigations into real-world ransomware attacks, and the...

CVE-2022-23278

creationtimestamp| type| source ---|---|--- 2022-03-08 07:00:00+00:00| seen| https://msrc.microsoft.com/blog/2022/03/guidance-for-cve-2022-23278-spoofing-in-microsoft-defender-for-endpoint/ 2022-03-09 20:18:14+00:00| seen| https://t.me/cibsecurity/38609 2025-07-08 15:31:24+00:00| seen|...

Vulnerabilities fixed in Microsoft Defender

Microsoft has fixed vulnerabilities in Defender. A malicious party could potentially exploit the vulnerabilities to obtain elevated privileges, be able to impersonate another user and execute arbitrary code in the context of a user. In order to exploit the vulnerabilities, the malicious party nee...

December 14, 2021—Hotpatch KB5008286 (OS Build 20348.410)

December 14, 2021—Hotpatch KB5008286 OS Build 20348.410 Improvements and fixes public preview Key changes include: Addresses a known issue that might prevent Microsoft Defender for Endpoint from starting or running on devices that have a Windows Server Core installation. If you installed earlier...

Microsoft Defender for Endpoint: The Latest Versions of Antivirus Engine & Signatures

In a previous episode on Microsoft Defender for Endpoint, I described how to get a list of antivirus engine and signatures versions for the hosts in your infrastructure using the Microsoft Graph API. But the problem remains. You know the versions that are currently installed on the hosts. But whe...