
RedSun: How Windows Defender's Remediation Became a SYSTEM File Write
Windows Security, Privilege Escalation, Vulnerability Research, Exploit Development
The post discusses a vulnerability in Windows Defender where its remediation process could be exploited to achieve arbitrary file writes with SYSTEM privileges. The issue involved manipulating Defender's quarantine and remediation mechanisms to replace legitimate files. The technique was demonstrated in a proof-of-concept named "RedSun."