The interesting part of the story is how Microsoft found the bad driver in the first place.
How Microsoft found a Huawei driver that opened systems to attack | Ars Technica
Microsoft Defender ATP does not rely solely on signature-based endpoint antimalware to detect known threats; it also uses heuristics that look for behavior that appears suspicious, even if no particular malware has been identified. Windows itself notices certain actions taken by software and reports them to the Defender ATP cloud service, and machine learning-based algorithms look for anomalies in these reports.