Microsoft's antivirus program Defender contains a component that is intended to detect and prevent the execution of malicious code using Rundll32.exe. However, this mechanism can be easily tricked, as a security researcher has discovered.
A single comma is enough to get past Microsoft Defender. Inserting an additional comma in the correct place in the code causes Microsoft Defender to see a harmless file instead of the threat. Security researcher John Page discovered the critical vulnerability.
The vulnerability was rated as moderately severe by the BSI's Computer Emergency Response Team for Federal Authorities (CERT) in the report "Microsoft Windows Defender: Vulnerability allows security measures to be circumvented," with a Common Vulnerability Scoring System (CVSS) rating of 5.3. Microsoft has now released a patch that is distributed with the automatic updates. Anyone who has not deactivated automatic updates will receive the patch automatically.
More at CERT.de