PANews reported on October 13th that a post forwarded by 23pds, Chief Information Security Officer of SlowMist Technology, revealed a vulnerability in Microsoft Defender that could allow attackers to bypass authentication and upload malicious files. Serious vulnerabilities were discovered in the network communication between Microsoft Defender for Endpoint (DFE) and its cloud services. These vulnerabilities allow attackers who have compromised the system to bypass authentication, forge data, leak sensitive information, and even upload malicious files into investigation packages.