https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-45584
-
One job. You had one job.
Heap-based buffer overflow in Microsoft Defender allows an unauthorized attacker to execute code over a network.
-
@nyanbinary Ouch.
-
@nyanbinary Microsoft Offender
-
Successful exploitation of this vulnerability would require a remote, unauthenticated attacker to entice a local user to take multiple actions that results in Defender scanning a malicious file that has been quarantined.
This is something I love about some AV vulnerabilities - intentionally triggering detections as part of exploitation. Also had that with the Nightmare Eclipse Defender vulns & also had me giggle there. I just ... feels right!
-
@LucasWerkmeister the best defense is a good offense. This is why the A in AV now stands for Agentic, performing fully autonomous cyber offense operations from your laptop!
-
@nyanbinary maybe the 11 in windows 11 meant the cvss score?
-
@nyanbinary I'm sure they learned their lesson and won't let it ever happen again!

-
Was it Defender that would execute JS without a sandbox and was trivially exploitable like…a few years ago? I think that was them.
-
@catsalad I stripped Defender out of my Windows 10 LTSC installs and just use my estranged parents' Kaspersky family license lol
-
@nyanbinary they should fire more engineers, so they have more funds for copilot tokens
