Browsing Tag
Microsoft Defender
6 posts
Microsoft Defender security products, exposure management, endpoint protection, cloud security, and security operations workflows.
Fake Perplexity Chrome Extension Turned Search Into a Tracking Channel
Microsoft says a malicious Chromium extension spoofed Perplexity AI, routed address-bar searches through a lookalike domain, and captured search suggestions before sending users to legitimate results. The case is a useful warning for anyone installing AI-branded browser tools.
BlueHammer Ransomware Flag Puts Microsoft Defender Patching Back on the Clock
CISA has updated the Microsoft Defender BlueHammer flaw, CVE-2026-33825, to mark it as used in ransomware campaigns. The flaw was patched in April, but the new flag gives Windows teams a fresh reason to verify Defender updates, endpoint telemetry, and local privilege escalation controls.
Microsoft Defender Starts Watching Local AI Agents on Developer Machines
Microsoft Defender now discovers local AI agents and MCP server configurations across managed endpoints, while preview runtime protection can audit or block prompt-injection attempts in Claude Code and GitHub Copilot CLI before risky tool actions execute.
Microsoft Defender RoguePlanet Zero-Day Leaves Windows Teams Waiting for a Patch
Microsoft has acknowledged RoguePlanet, a Microsoft Defender elevation-of-privilege flaw tracked as CVE-2026-50656, but a patch is still in development. The public proof of concept turns Defender’s own file-handling workflow into a path to SYSTEM privileges, so Windows teams should tighten execution controls and monitoring while they wait for Microsoft’s fix.
Microsoft AutoJack Research Shows How AI Browsing Agents Can Break Localhost Trust
Microsoft’s AutoJack research shows how an AI browsing agent could turn a malicious webpage into a local remote-code-execution path through AutoGen Studio’s MCP WebSocket surface. The specific issue was fixed before a PyPI release, but the localhost trust problem is bigger than one tool.
Microsoft MDASH Moves AI Bug Hunting Into Real Security Workflows
Microsoft says its MDASH agentic security system is now being used across Windows, Azure, and identity workflows, with new findings in Hyper-V, HTTP.sys, the Windows kernel, and Active Directory. The update shows AI vulnerability discovery moving from benchmark claims toward real engineering pipelines, while proof generation remains the hard part.