https://hackingpassion.com/tags/undefend/Recent content in Undefend on HackingPassion.com : root@HackingPassion.com-[~]HugoenSun, 19 Apr 2026 10:57:14 +0200https://hackingpassion.com/redsun-undefend-defender-zero-days/Sun, 19 Apr 2026 10:57:14 +0200https://hackingpassion.com/redsun-undefend-defender-zero-days/<p>Two unpatched Windows Defender zero-days have been actively exploited since <strong>April 16th</strong>, and both of them work on fully patched <strong>Windows 10</strong>, <strong>Windows 11</strong>, and <strong>Server 2019</strong> and later, including machines that installed this month&rsquo;s Patch Tuesday updates. One of them makes Defender write the attacker&rsquo;s payload into <strong>System32</strong> by itself, then stands back and lets Windows run it as <strong>SYSTEM</strong>. The other blocks Defender from receiving any new virus definitions and lies to the EDR management console about it, showing green checkmarks on machines that are already fully compromised. 😏</p>