This is what is happening

If you have a PC with Windows 10 either Windows 11 And lately you have noticed that your tools to control Fans or RGB lighting They have stopped working, it could be related to a recent security detection in Windows Defender. As The Verge points outseveral users have seen how Microsoft antivirus marks these applications as a possible threat, which prevents its correct operation.

A controller at the point of sight. The origin of the problem seems to be in Winring0, an access controller to the kernel that many of these tools use. In recent days, Windows Defender has begun to identify it as a “Hack Tool”, which causes related files to be quarantine and that the applications that depend on it stop working.

Winring0 is one of the few free controllers with low level access to the system, but its security history is not brilliant. In 2020, he was registered as CVE-2020-14979a vulnerability that, According to Inbibeallows reading and writing in the system memory to obtain high privileges.

The big question: why now? It is not clear why Windows Defender has hardened his criteria at this time regarding a problem identified years ago. A possible explanation is the reinforcement of Windows security policies after the incident with Crowdstrikewhose failure in a security update caused problems in systems around the world. It is also known that Microsoft has decided to harden the requirements for controllers.

A problem that directly affects users. Winring0 block has not only caused many hardware monitoring tools to stop working, but also caused strange behaviors in some systems. Some users They have noticed That their fans began to turn at maximum speed without control after the quarantine of the controller, since the applications that managed them stopped working properly.

Windows Defender 2
Windows Defender 2

Image shared by one of the affected users

The first indications suggest that applications such as Fan Control, Steelseries Engine, OpenRGB, Free Hardware Monitor, Capframex, MSI afterburner, Omenmon, Zentimings and Panorama9 have been affected, leaving many users without the possibility of monitoring temperatures, controlling fans or managing the RGB lighting of their equipment.

The developers are trapped. The developer’s dilemma is that Winring0 was a free and free solution to access low -level hardware in Windows. Some companies have chosen to withdraw and develop their own solutions, such as SignalrGB, which Winring0 replaced in 2023 with a SMBUS owner controller. However, many open source projects cannot afford to create and certify a new controller, since Microsoft demands a digital payment signature for any software that access the kernel.

Windows Defender 1
Windows Defender 1

What options do users have? If Windows Defender has blocked any of these profits in your team, there are several alternatives:
• Update the application. Some developers are working on winring0 versions.
• Find alternatives. There are similar tools that do not depend on this controller.
• Add an exception in Windows Defender. Some developers suggest this optionalthough it entails safety risks and is not recommended.

Images | HEADDARKSLATEGRAYDOME160 | Ed Hardie | Result kaya

In Xataka | How to deactivate Windows defending and what protections do you lose if you do

Leave a Comment