Long-standing vulnerabilities found in Microsoft Defender allow bypassing authentication and uploading malicious files

Critical flaws in Microsoft Defender for Endpoint (DFE) could allow attackers to bypass authentication, forge data, and upload malicious files, according to research from InfoGuard Labs. The vulnerabilities stem from weaknesses in the network communication between DFE agents and their cloud services, creating significant security risks.


The Attack Vector: Bypassing Certificate Pinning

The attack hinges on bypassing certificate pinning. By modifying the CRYPT32!CertVerifyCertificateChainPolicy function so that it always reports the certificate chain as valid, an attacker can intercept all HTTPS traffic between the agent and the cloud in plaintext. A similar technique applied to SenseIR.exe, a core DFE component, enables complete data interception, including uploads to Azure Blob storage.

This allows an attacker to intercept commands before they reach the DFE agent, effectively creating a man-in-the-middle scenario where they can forge responses and deceive security systems.

Key Vulnerabilities and Exploits

  • Forged Responses: Attackers can report a device as 'isolated' in response to a containment command, leaving the machine compromised while the Microsoft Defender portal incorrectly shows it as secure.
  • Unauthenticated Access: The flaw extends to the /senseir/v1/actions/ endpoints for Live Response and Automated Investigations, where authentication tokens are ignored, allowing access with only a machine ID.
  • Long-Lived Tokens: Attackers can upload fabricated data to Azure Blob storage using long-lived SAS tokens, which can remain valid for several months.
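A defender-side check that follows from the long-lived token finding: audit the validity window of any Azure Blob SAS URL observed in proxy logs or captured agent traffic and flag tokens that outlive a policy threshold. This is an added example and not code from InfoGuard Labs or Microsoft; the URLs, account name, container path, signature values and the seven-day threshold are constructed placeholders.

```python
"""Audit the lifetime of Azure Blob SAS URLs found in captured traffic or logs.

Constructed example: the URLs below are made up, the signature values are
placeholders and the account/container names are hypothetical.
"""
from datetime import datetime, timedelta, timezone
from urllib.parse import urlparse, parse_qs

# Flag any SAS token whose validity window exceeds this (hypothetical policy).
MAX_LIFETIME = timedelta(days=7)

SAMPLE_SAS_URLS = [
    # constructed: roughly six months of validity (start July 2025, expiry January 2026)
    "https://exampleaccount.blob.core.windows.net/uploads/pkg1.zip"
    "?sv=2022-11-02&st=2025-07-01T00%3A00%3A00Z&se=2026-01-01T00%3A00%3A00Z"
    "&sp=cw&sr=b&sig=PLACEHOLDER_SIGNATURE",
    # constructed: one hour of validity
    "https://exampleaccount.blob.core.windows.net/uploads/pkg2.zip"
    "?sv=2022-11-02&st=2025-07-01T10%3A00%3A00Z&se=2025-07-01T11%3A00%3A00Z"
    "&sp=cw&sr=b&sig=PLACEHOLDER_SIGNATURE",
]


def _parse_time(value):
    # SAS times are ISO 8601 UTC timestamps, e.g. 2025-07-01T00:00:00Z
    return datetime.strptime(value, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)


def sas_lifetime(url):
    """Return (start, expiry, lifetime) for a SAS URL.
    Azure treats a token without `st` (signed start) as valid immediately,
    so the audit uses the current time as the start in that case."""
    q = parse_qs(urlparse(url).query)
    if "se" not in q:
        raise ValueError("not a SAS URL: missing se (signed expiry)")
    expiry = _parse_time(q["se"][0])
    start = _parse_time(q["st"][0]) if "st" in q else datetime.now(timezone.utc)
    return start, expiry, expiry - start


def audit(urls, max_lifetime=MAX_LIFETIME):
    """Return (blob path, granted permissions, lifetime in days) for every URL
    whose SAS validity window exceeds max_lifetime."""
    findings = []
    for url in urls:
        start, expiry, lifetime = sas_lifetime(url)
        if lifetime > max_lifetime:
            perms = parse_qs(urlparse(url).query).get("sp", ["?"])[0]
            findings.append((urlparse(url).path, perms, lifetime.days))
    return findings


if __name__ == "__main__":
    for path, perms, days in audit(SAMPLE_SAS_URLS):
        print(f"long-lived SAS: {path} perms={perms} valid for {days} days")
```

The `sp` value is reported alongside the lifetime because a long-lived token that grants create or write permission is the case the finding above describes.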

The Payoff: Hiding Malicious Files in Plain Sight

After gaining access, an attacker can manipulate inspection packages on the file system. These packages, readable by any user, contain sensitive system data such as autorun configurations and installed programs. By uploading malicious files with benign-sounding names into these packages, attackers can plant malware that will likely go unnoticed by security analysts.

InfoGuard Labs reported the vulnerabilities to the Microsoft Security Response Center (MSRC) in July 2025. However, the issues were classified as low-severity, and as of October 2025, patches had not been confirmed, highlighting a potential gap in protecting endpoint detection and response (EDR) systems.