{"id":48766,"date":"2022-10-06T12:28:14","date_gmt":"2022-10-06T12:28:14","guid":{"rendered":"https:\/\/packetstormsecurity.com\/news\/view\/33917\/No-Fix-In-Sight-For-Loophole-Plaguing-a-Key-Windows-Defense.html"},"modified":"2022-10-06T12:28:14","modified_gmt":"2022-10-06T12:28:14","slug":"no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/","title":{"rendered":"No Fix In Sight For Loophole Plaguing a Key Windows Defense"},"content":{"rendered":"<figure class=\"intro-image intro-left\"> <img decoding=\"async\" src=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/10\/windows-malware-800x534.jpg\" alt=\"No fix in sight for mile-wide loophole plaguing a key Windows defense for years\"><figcaption class=\"caption\">\n<div class=\"caption-credit\">Getty Images<\/div>\n<\/figcaption><\/figure>\n<aside id=\"social-left\" class=\"social-left\" aria-label=\"Read the comments or share this article\"> <a title=\"39 posters participating\" class=\"comment-count icon-comment-bubble-down\" href=\"https:\/\/arstechnica.com\/information-technology\/2022\/10\/no-fix-in-sight-for-mile-wide-loophole-plaguing-a-key-windows-defense-for-years\/?comments=1\"> <\/p>\n<h4 class=\"comment-count-before\">reader comments<\/h4>\n<p> <span class=\"comment-count-number\">65<\/span> <span class=\"visually-hidden\"> with 39 posters participating<\/span> <\/a> <\/p>\n<div class=\"share-links\">\n<h4>Share this story<\/h4>\n<\/p><\/div>\n<\/aside>\n<p> <!-- cache hit 768:single\/related:f6280224e314d55de1fb1c2db9bf0395 --><!-- empty --><\/p>\n<p>Over the past 15 years, Microsoft has made huge progress fortifying the Windows kernel, the core of the OS that hackers must control to successfully take control of a computer. A cornerstone of that progress was the enactment of strict new restrictions on the loading of system drivers that could run in kernel mode. These drivers are crucial for computers to work with printers and other peripherals, but they&#8217;re also a convenient inroad that hackers can take to allow their malware to gain unfettered access to the most sensitive parts of Windows. With the advent of Windows Vista, all such drivers could only be loaded after they&#8217;d been approved in advance by Microsoft and then digitally signed to verify they were safe.<\/p>\n<p>Last week, researchers from security firm <a href=\"https:\/\/www.welivesecurity.com\/2022\/09\/30\/amazon-themed-campaigns-lazarus-netherlands-belgium\/\">ESET revealed<\/a> that about a year ago, Lazarus, a hacking group backed by the North Korean government, exploited a mile-wide loophole last year that existed in Microsoft&#8217;s driver signature enforcement (DSE) from the start. The malicious documents Lazarus was able to trick targets into opening were able to gain administrative control of the target&#8217;s computer, but Windows&#8217; modern kernel protections presented a formidable obstacle for Lazarus to achieve its objective of storming the kernel.<\/p>\n<h2>Path of least resistance<\/h2>\n<p>So Lazarus chose one of the oldest moves in the Windows exploitation playbook\u2014a technique known as BYOVD, short for <a href=\"https:\/\/www.welivesecurity.com\/2022\/01\/11\/signed-kernel-drivers-unguarded-gateway-windows-core\/\">bring your own vulnerable driver<\/a>. Instead of finding and cultivating some exotic zero-day to pierce Windows kernel protections, Lazarus members simply used the admin access they already had to install a driver that had been digitally signed by Dell prior to the discovery last year of a critical vulnerability that could be <a href=\"https:\/\/arstechnica.com\/gadgets\/2021\/05\/dell-patches-a-12-year-old-privilege-escalation-vulnerability\/\">exploited to gain kernel privileges<\/a>.<\/p>\n<p>ESET researcher Peter K\u00e1lnai said Lazarus sent two targets\u2014one an employee of an aerospace company in the Netherlands and the other a political journalist in Belgium\u2014Microsoft Word documents that had been booby-trapped with malicious code that infected computers that opened it. The hackers&#8217; objective was to install an advanced backdoor dubbed Blindingcan but to make that happen, they first had to disable various Windows protections. The path of least resistance, in this case, was simply to install dbutil_2_3.sys, the buggy Dell driver, which is responsible for updating Dell firmware through Dell&#8217;s custom Bios Utility.<\/p>\n<aside class=\"ad_wrapper\" aria-label=\"In Content advertisement\"> <span class=\"ad_notice\">Advertisement <\/span> <\/aside>\n<p>&#8220;For the first time in the wild, the attackers were able to leverage CVE-2021-21551 for turning off the monitoring of all security solutions,&#8221; K\u00e1lnai wrote, referring to the designation used to track the vulnerability in the Dell driver. &#8220;It was not just done in kernel space, but also in a robust way, using a series of little- or undocumented Windows internals. Undoubtedly this required deep research, development, and testing skills.&#8221;<\/p>\n<p>In the case involving the journalist, the attack was triggered but was quickly stopped by ESET products, with just one malicious executable involved.<\/p>\n<p>While it may be the first documented case of attackers exploiting CVE-2021-21551 to pierce Windows kernel protections, it&#8217;s by no means the first instance of a BYOVD attack. A small sampling of previous BYOVD attacks include:<\/p>\n<ul>\n<li>Malware dubbed SlingShot that <a href=\"https:\/\/arstechnica.com\/information-technology\/2018\/03\/potent-malware-that-hid-for-six-years-spread-through-routers\/\">hid on infected systems for six years<\/a> until it was discovered by security firm Kaspersky. Active since 2012, SlingShot exploited vulnerabilities that had been found as early as 2007 in drivers including <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2007-5633\">Speedfan.sys<\/a>, <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2010-1592\">sandra.sys<\/a>, and <a href=\"https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2009-0824\">https:\/\/cve.mitre.org\/cgi-bin\/cvename.cgi?name=CVE-2009-0824<\/a>. Because these drivers had been digitally signed at one time, Microsoft had no viable way to prevent Windows from loading them, even though the vulnerabilities were well known.<\/li>\n<li>RobbinHood, the name of ransomware that installs the GIGABYTE motherboard driver GDRV.SYS and then <a href=\"https:\/\/arstechnica.com\/information-technology\/2020\/02\/hackable-code-trusted-by-windows-lets-ransomware-burrow-deep-into-targeted-machines\/\">exploits the known vulnerability CVE-2018-19320<\/a> to install its own malicious driver.<\/li>\n<li><a href=\"https:\/\/arstechnica.com\/information-technology\/2018\/10\/first-uefi-malware-discovered-in-wild-is-laptop-security-software-hijacked-by-russians\/\">LoJax<\/a>, the first UEFI rootkit known to be used in the wild. To gain access to targets&#8217; UEFI modules, the malware installed a powerful utility called RWEverything that had a valid digital signature.<\/li>\n<\/ul>\n<p> READ MORE <a href=\"https:\/\/packetstormsecurity.com\/news\/view\/33917\/No-Fix-In-Sight-For-Loophole-Plaguing-a-Key-Windows-Defense.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>READ MORE HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":48767,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[277],"tags":[5505],"class_list":["post-48766","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity-blogs","tag-headlinehackermicrosoftflaw"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.7 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>No Fix In Sight For Loophole Plaguing a Key Windows Defense 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"No Fix In Sight For Loophole Plaguing a Key Windows Defense 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2022-10-06T12:28:14+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/10\/windows-malware-800x534.jpg\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"No Fix In Sight For Loophole Plaguing a Key Windows Defense\",\"datePublished\":\"2022-10-06T12:28:14+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/\"},\"wordCount\":680,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense.jpg\",\"keywords\":[\"headline,hacker,microsoft,flaw\"],\"articleSection\":[\"CyberSecurity Blogs\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/\",\"name\":\"No Fix In Sight For Loophole Plaguing a Key Windows Defense 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense.jpg\",\"datePublished\":\"2022-10-06T12:28:14+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2022\\\/10\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense.jpg\",\"width\":800,\"height\":534},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"headline,hacker,microsoft,flaw\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/headlinehackermicrosoftflaw\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"No Fix In Sight For Loophole Plaguing a Key Windows Defense\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"No Fix In Sight For Loophole Plaguing a Key Windows Defense 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/","og_locale":"en_US","og_type":"article","og_title":"No Fix In Sight For Loophole Plaguing a Key Windows Defense 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2022-10-06T12:28:14+00:00","og_image":[{"url":"https:\/\/cdn.arstechnica.net\/wp-content\/uploads\/2022\/10\/windows-malware-800x534.jpg","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"No Fix In Sight For Loophole Plaguing a Key Windows Defense","datePublished":"2022-10-06T12:28:14+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/"},"wordCount":680,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/10\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense.jpg","keywords":["headline,hacker,microsoft,flaw"],"articleSection":["CyberSecurity Blogs"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/","url":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/","name":"No Fix In Sight For Loophole Plaguing a Key Windows Defense 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/10\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense.jpg","datePublished":"2022-10-06T12:28:14+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/10\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2022\/10\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense.jpg","width":800,"height":534},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/no-fix-in-sight-for-loophole-plaguing-a-key-windows-defense\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"headline,hacker,microsoft,flaw","item":"https:\/\/www.threatshub.org\/blog\/tag\/headlinehackermicrosoftflaw\/"},{"@type":"ListItem","position":3,"name":"No Fix In Sight For Loophole Plaguing a Key Windows Defense"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48766","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=48766"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/48766\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/48767"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=48766"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=48766"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=48766"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}