Microsoft has fixed a privilege escalation vulnerability in Microsoft Defender Antivirus (formerly Windows Defender) that could allow attackers to gain admin rights on unpatched Windows systems. The vulnerability was discovered in the BTRsys driver (also known as the Boot Time Removal Tool) used during the remediation process to delete files and registry entries created by malware on infected systems. Microsoft released a patch on Tuesday, together with the other security updates published as part of the February 2021 Patch Tuesday. The last Microsoft Malware Protection Engine version where the bug was addressed is version 1.1.17800.5 or later.
Source: https://www.bleepingcomputer.com/news/security/12-year-old-windows-defender-bug-gives-hackers-admin-rights/