Here's Why Windows Is Flagging Random Apps as a Threat

Reports received this week from several Windows PC owners highlight that their computers have begun to wrongly detect a “HackTool” called WinRing0, triggering multiple Windows Defender alerts.
Although these warnings are causing concern for many users, this doesn’t necessarily mean that the computers are actually under attack.
WinRing0 is a piece of kernel-level software that has an exploit that was previously linked to malware called SteelFox, which gives the malware access to the operating system’s core, allowing it to hijack infected systems.
It is not clear why Microsoft is only now addressing the issue, but it is thought that the company are under pressure to close security loopholes that shouldn’t exist, following last year’s massive CrowdStrike outage.
Furthermore, it is unlikely that Microsoft will sign off on a patch for the issue submitted months ago on GitHub, meaning a solution is not on the horizon any time soon.
Users are advised to remain vigilant, rather than ignoring the alerts, whilst developers are faced with the costly option of creating their own software to access kernel-level permissions.

Fast Feed