A vulnerability in K7 Ultimate Security allows low-privileged users to gain SYSTEM-level access by manipulating registry settings through named pipes. Despite attempts to patch the issue, attackers can exploit this flaw to disable protections or execute arbitrary code. Users are advised to update to the latest version.

A new tool called 'Defendnot' tricks Windows into disabling Microsoft Defender by registering a fake antivirus product using an undocumented Windows Security Center API. Created by researcher es3n1n, it bypasses security features by injecting a dummy antivirus DLL into a trusted system process, effectively leaving devices without active protection. Microsoft Defender has flagged Defendnot as a threat, highlighting vulnerabilities in trusted system features.