Microsoft rushed emergency Defender fixes after live attacks exploited two zero-days, including one path to SYSTEM-level control.
Key takeaways
- What We Know: Microsoft rushed Defender fixes outside Patch Tuesday
- Microsoft pushed emergency Defender fixes on May 21 after two zero-days, RedSun and UnDefend, were already being used in live attacks.
- The out-of-band updates landed after Huntress confirmed real-world exploitation and after researcher Chaotic Eclipse publicly disclosed the flaws without coordinated d...
- That sequence matters. These were not theoretical proof-of-concept bugs waiting for a future patch cycle. Attackers had working paths before Microsoft’s emergency upda...
Canonical source: https://mlxio.com/cybersecurity/microsoft-defender-zero-days