COMMUNIST FRONT CORPORATION: How Microsoft found a Huawei driver that opened systems to attack.
Huawei MateBook systems that are running the company’s PCManager software included a driver that would let unprivileged users create processes with superuser privileges. The insecure driver was discovered by Microsoft using some of the new monitoring features added to Windows version 1809 that are monitored by the company’s Microsoft Defender Advanced Threat Protection (ATP) service.
First things first: Huawei fixed the driver and published the safe version in early January, so if you’re using a Huawei system and have either updated everything or removed the built-in applications entirely, you should be good to go.
The interesting part of the story is how Microsoft found the bad driver in the first place.
Given Huawei’s track record, the really interesting part of the story might be what Microsoft didn’t find, and what Huawei didn’t then “fix.”