Trend Micro has now announced its discovery of a vulnerability in Microsoft Windows Defender that is actively exploited by the cyber threat group Water Hydra. The vulnerability was discovered on December 31, 2023, but the official information was only published yesterday. Trend customers have been automatically protected since January 1, 2024, but other organizations are now urged to take immediate action in response to this vulnerability.

The vulnerability is actively exploited by the financially motivated APT group Water Hydra to target high-stakes forex traders. More specifically, it is used in a sophisticated zero-day attack chain to bypass Windows Defender SmartScreen. The attacks are based on infecting victims with a DarkMe Remote Access Trojan (RAT) that steals data and spreads malware. ransomware as a goal.

– Day zero vulnerabilities are an increasingly popular way to cybercriminals to achieve their goals, says Jean Diarbakerli, Security Advisor at Trend Micro Sweden. That's why at Trend we invest heavily in data and information about the cybersecurity situation to ensure that our customers are protected, months before official vendor patches are released. We are proud to be able to deliver a secure bridge between these and, in the long run, create a digital world with fewer risks.

Advertisement

When a new zero-day attack is discovered, it informs Trend Micro always the vulnerable vendor. At the same time, Trend's customers directly benefit from virtual patching to protect their systems from exploitation until an official patch can be applied.

Trend protects its customers by issuing virtual patches an average of 51 days before official patches are released, including this one for Microsoft. For other vendors, the average time to protect their customers was 96 days.

According to Trend, customers who applied all virtual patches in 2023 saved in average 1 million USD for his company.

Trend Vision One security platform automatically identifies critical vulnerabilities and provides visibility into all affected endpoints and their potential impact on an organization's overall risk. Trend's proactive approach to risk management reduces the need for last-minute reactive measures and ensures customers are well-prepared.