Gaming
No Comments
WinRing0: Why

WinRing0: Why Windows is flagging your PC monitoring and fan control apps as a threat

Introduction

On Tuesday morning, some PC gamers woke up to discover their computers were seemingly under threat. A “HackTool” called WinRing0 had suddenly started triggering a Windows Defender alert, as if their PCs were under attack. Some of those computers even began behaving oddly ​​— like blasting their fans at high speed — once the HackTool had been quarantined. I know, because it happened to me. 
But my computer wasn’t actually under attack — at least, not yet. 
When I checked where Windows Defender had actually detected the threat, it was in the Fan Control app I use to intelligently cool my PC. Windows Defender had broken it, and that’s why my fans were running amok. For others, the threat was detected in Razer Synapse, SteelSeries Engine, OpenRGB, Libre Hardware Monitor, CapFrameX, MSI Afterburner, OmenMon, FanCtrl, ZenTimings, and Panorama9, among many others. 
“As of now, all third-party / open-source hardware monitoring softwares are screwed,” Fan Control developer Rémi Mercier tells me. 

That’s because all these programs have something in common, eight of their developers tell The Verge. They do (or did) all contain a piece of kernel-level software that is …
Read the full story at The Verge.

Key Insights

  • What is WinRing0: Why?

    On Tuesday morning, some PC gamers woke up to discover their computers were seemingly under threat. A “HackTool” called WinRing0 had suddenly started triggering a Windows Defender alert, as if their PCs were under attack. Some of those computers even began behaving oddly ​​— like blasting their fans at high speed — once the HackTool had been quarantined. I know, because it happened to me. 
    But my computer wasn’t actually under attack — at least, not yet. 
    When I checked where Windows Defender had actually detected the threat, it was in the Fan Control app I use to intelligently cool my PC. Windows Defender had broken it, and that’s why my fans were running amok. For others, the threat was detected in Razer Synapse, SteelSeries Engine, OpenRGB, Libre Hardware Monitor, CapFrameX, MSI Afterburner, OmenMon, FanCtrl, ZenTimings, and Panorama9, among many others. 
    “As of now, all third-party / open-source hardware monitoring softwares are screwed,” Fan Control developer Rémi Mercier tells me. 

    That’s because all these programs have something in common, eight of their developers tell The Verge. They do (or did) all contain a piece of kernel-level software that is …
    Read the full story at The Verge.

  • Why is WinRing0: Why important?

    On Tuesday morning, some PC gamers woke up to discover their computers were seemingly under threat. A “HackTool” called WinRing0 had suddenly started triggering a Windows Defender alert, as if their PCs were under attack. Some of those computers even began behaving oddly ​​— like blasting their fans at high speed — once the HackTool had been quarantined. I know, because it happened to me. 
    But my computer wasn’t actually under attack — at least, not yet. 
    When I checked where Windows Defender had actually detected the threat, it was in the Fan Control app I use to intelligently cool my PC. Windows Defender had broken it, and that’s why my fans were running amok. For others, the threat was detected in Razer Synapse, SteelSeries Engine, OpenRGB, Libre Hardware Monitor, CapFrameX, MSI Afterburner, OmenMon, FanCtrl, ZenTimings, and Panorama9, among many others. 
    “As of now, all third-party / open-source hardware monitoring softwares are screwed,” Fan Control developer Rémi Mercier tells me. 

    That’s because all these programs have something in common, eight of their developers tell The Verge. They do (or did) all contain a piece of kernel-level software that is …
    Read the full story at The Verge.

Pros and Cons

  • Pros:

    On Tuesday morning, some PC gamers woke up to discover their computers were seemingly under threat. A “HackTool” called WinRing0 had suddenly started triggering a Windows Defender alert, as if their PCs were under attack. Some of those computers even began behaving oddly ​​— like blasting their fans at high speed — once the HackTool had been quarantined. I know, because it happened to me. 
    But my computer wasn’t actually under attack — at least, not yet. 
    When I checked where Windows Defender had actually detected the threat, it was in the Fan Control app I use to intelligently cool my PC. Windows Defender had broken it, and that’s why my fans were running amok. For others, the threat was detected in Razer Synapse, SteelSeries Engine, OpenRGB, Libre Hardware Monitor, CapFrameX, MSI Afterburner, OmenMon, FanCtrl, ZenTimings, and Panorama9, among many others. 
    “As of now, all third-party / open-source hardware monitoring softwares are screwed,” Fan Control developer Rémi Mercier tells me. 

    That’s because all these programs have something in common, eight of their developers tell The Verge. They do (or did) all contain a piece of kernel-level software that is …
    Read the full story at The Verge.

  • Cons:

    On Tuesday morning, some PC gamers woke up to discover their computers were seemingly under threat. A “HackTool” called WinRing0 had suddenly started triggering a Windows Defender alert, as if their PCs were under attack. Some of those computers even began behaving oddly ​​— like blasting their fans at high speed — once the HackTool had been quarantined. I know, because it happened to me. 
    But my computer wasn’t actually under attack — at least, not yet. 
    When I checked where Windows Defender had actually detected the threat, it was in the Fan Control app I use to intelligently cool my PC. Windows Defender had broken it, and that’s why my fans were running amok. For others, the threat was detected in Razer Synapse, SteelSeries Engine, OpenRGB, Libre Hardware Monitor, CapFrameX, MSI Afterburner, OmenMon, FanCtrl, ZenTimings, and Panorama9, among many others. 
    “As of now, all third-party / open-source hardware monitoring softwares are screwed,” Fan Control developer Rémi Mercier tells me. 

    That’s because all these programs have something in common, eight of their developers tell The Verge. They do (or did) all contain a piece of kernel-level software that is …
    Read the full story at The Verge.

Conclusion

On Tuesday morning, some PC gamers woke up to discover their computers were seemingly under threat. A “HackTool” called WinRing0 had suddenly started triggering a Windows Defender alert, as if their PCs were under attack. Some of those computers even began behaving oddly ​​— like blasting their fans at high speed — once the HackTool had been quarantined. I know, because it happened to me. 
But my computer wasn’t actually under attack — at least, not yet. 
When I checked where Windows Defender had actually detected the threat, it was in the Fan Control app I use to intelligently cool my PC. Windows Defender had broken it, and that’s why my fans were running amok. For others, the threat was detected in Razer Synapse, SteelSeries Engine, OpenRGB, Libre Hardware Monitor, CapFrameX, MSI Afterburner, OmenMon, FanCtrl, ZenTimings, and Panorama9, among many others. 
“As of now, all third-party / open-source hardware monitoring softwares are screwed,” Fan Control developer Rémi Mercier tells me. 

That’s because all these programs have something in common, eight of their developers tell The Verge. They do (or did) all contain a piece of kernel-level software that is …
Read the full story at The Verge.

Learn More

Explore more about WinRing0: Why on Wikipedia.

Leave a Reply

Your email address will not be published. Required fields are marked *