Critical flaws uncovered in the network communication between Microsoft Defender for Endpoint (DFE) and its cloud services, allowing post-breach attackers to bypass authentication, spoof data, disclose sensitive information, and even upload malicious files to investigation packages.<\/p>\n
These vulnerabilities, detailed in a recent analysis by InfoGuard Labs, highlight ongoing risks in endpoint detection and response (EDR) <\/a>systems, potentially undermining incident response efforts.<\/p>\n Reported to Microsoft\u2019s Security Response Center (MSRC) in July 2025, the issues were deemed low severity, with no fixes confirmed as of October 2025.<\/p>\n The research builds on prior explorations of EDR attack surfaces, focusing on the agent\u2019s interaction with cloud backends. By intercepting traffic using tools like Burp Suite and bypassing certificate pinning through memory patches in WinDbg, the analysis revealed how DFE\u2019s MsSense.exe process handles commands and data uploads.<\/p>\n Certificate pinning<\/a>, a common security measure, was circumvented by altering the CRYPT32!CertVerifyCertificateChainPolicy function to always return a valid result, enabling plaintext inspection of HTTPS traffic.<\/p>\n Similar patches were applied to SenseIR.exe for complete interception, including Azure Blob uploads.<\/p>\n According to InfoGuard Labs the core issue<\/a> lies in the agent\u2019s requests to endpoints like https:\/\/[location-specific-host]\/edr\/commands\/cnc, where it polls for commands such as isolation, forensics collection, or scans.<\/p>\n Despite including Authorization tokens and Msadeviceticket headers, the backend ignores them entirely. An attacker with the machine ID and tenant ID easily obtainable by low-privileged users via registry reads can impersonate the agent and intercept responses.<\/p>\n For instance, an intruder tool like Burp\u2019s Intruder can continuously query the endpoint, snatching available commands before the legitimate agent receives them.<\/p>\n This allows spoofing responses, such as faking an \u201cAlready isolated\u201d status for an isolationcommand, leaving the device unisolated while the Microsoft Defender Portal reports it as secured.<\/p>\n The serialization format, often in Microsoft Bond, complicates manual crafting, but capturing and modifying legitimate responses suffices for proof-of-concept exploits.<\/p>\n A parallel vulnerability affects \/senseir\/v1\/actions\/ endpoints for Live Response and Automated Investigations. Here, CloudLR tokens are similarly ignored, obtainable without authentication using just the machine ID.<\/p>\n Attackers can decode action payloads with custom scripts leveraging large language models for Bond deserialization and upload fabricated data to provided Azure Blob<\/a> URIs via SAS tokens, which remain valid for months.<\/p>\n Unauthenticated access extends to incident response (IR) exclusions via the registration endpoint, requiring only the organization ID from the registry.<\/p>\n More alarmingly, polling \/edr\/commands\/cnc without credentials yields an 8MB configuration dump, including RegistryMonitoringConfiguration, DriverReadWriteAccessProcessList, and ASR rules. While not tenant-specific, this data reveals detection logic valuable for evasion.<\/p>\n Post-breach, attackers can enumerate investigation packages on the filesystem, readable by any user, containing autoruns, installed programs, and network connections.<\/p>\n For ongoing investigations, spoofed uploads to these packages enable embedding malicious files with innocuous names, tricking analysts into execution during review.<\/p>\n These flaws underscore the challenges in securing EDR communications, where simple oversights persist despite multiple token types. The analyst urges remediation, arguing that post-breach disruption and analyst-targeted attacks merit a higher priority than MSRC\u2019s assessment.<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Microsoft Defender Vulnerabilities Allow Attackers to Bypass Authentication and Upload Malicious Files<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\n![\"Azure](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiGaDsldYHtTienuYSzrnIwwYjx9Fh60-e3XCUmL0fSBKXu1pthukA6ze2dZx1KWDZh-8bt7ba-1mrh2gNMXR-8dGTVY2vcUZ8muWex7Ru1m5FIwYgQ_bsjBKKbHAVHi3-jCDwMHcYjLmK_wvqY21b7c2o8yK48ZTe9Ns-RrWjZFNEmOsaNXCbfMSS0-smP\/s16000\/Azure%2520Blob%2520uploads.webp?ssl=1\")
Authentication Bypasses and Command Interception<\/strong><\/h2>\n
![\"\"](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEiTVxMEMYd6EQPchDs5h7xcQQ-S36METkNiu2HirCmANV_H8ROTiPIMT9U9OT-gOWJzBNo71PNeTz-ReS0bmBLIhBAa7HNmPq8RrAwewfzxbiGEFwOCXkZKhhzCqTrHY1ff_jrZ9Sz7wQ-eyrq8TCrEyqVYFt2UQEDitlFtam8nUhTTBKWIr9T1fmmORkKJ\/s16000\/Commands.webp?ssl=1\")
<\/figure>\n<\/div>\nInformation Disclosure and Malicious File Risks<\/strong><\/h2>\n
![\"\"](\"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEjM4XYss3nPayDe7wJmOw33DIbAfUpm3ElISb7TFfYP7EFm8ULYVcpntn0wzpVJS4oqRRVOTIGZ1Qin-M4FiS0sxbR6msfowCEwAOA5K2b3mIJcpbGkejrWDGc16s3smBsW4EiLudrntuXbs8BViCVID5hHNCCGwxaX1PNsnaeal2ethw6eehxkCtDtX6SV\/s16000\/information.webp?ssl=1\")
<\/figure>\n