Bitdefender is warning that Windows bind links can be abused to make endpoint security products inspect a legitimate file while a different, attacker-controlled file actually runs. The technique affects Windows 10 version 1803 and later, including Windows 11, but requires an attacker to have...
Bitdefender has documented three techniques that abuse Windows bind links to make endpoint detection and response products inspect one file while Windows executes another. The finding matters because the gap appears only after an intruder obtains local administrator rights—the precise stage at...