Well, here’s a big mess: the latest edition of Windows Defender antivirus for Windows 10 can be used to download malware.
This is according to Bleeping Computer, which saw a Twitter thread from security researcher Mohammad Askar in which Askar detailed how the Windows Defender MpCmdRun.exe command-line tool can be used to download any file over the Internet.
Then, of course, Askar used it to download a (safe) piece of threat-emulation software called Cobalt Strike, which is used to find security vulnerabilities in large local computer networks.
We ourselves, after a little command-line fiddling, used the tool to download a logo from the Tom’s Guide website. This was done using administrative privileges, which one would expect to be required to access Windows Defender and use a command-line tool to download any file.
Just to see how far we could go with this, we went back to our previous limited-user mode. We then used the same tool to download the EICAR test file, a well-known piece of simulated malware, to our own limited user’s Downloads folder. No administrative privileges were required.
Microsoft responded to our request for comment with this statement, in its entirety:
“Despite these reports, Microsoft Defender antivirus and Microsoft Defender ATP will continue to protect customers against malware. These programs detect malicious files downloaded to the system via the antivirus file download feature.”
A Microsoft spokesperson said this also applies to Windows Defender antivirus, the antivirus software provided with the Windows 10 family.
This means that any halfway-decent malware that infects even a limited user account could use Windows Defender to download any file from the Internet.
There were some saving graces. We weren’t able to download the EICAR test file to another user’s Downloads folder, or to directories where we didn’t have write permission or that we hadn’t created ourselves, even when we were logged in as an administrator.
This is consistent with Windows user permissions and indicates that this Windows Defender download tool cannot be used to escalate privileges; in other words, malware cannot use it to fully take over the system.
In addition, our Bitdefender antivirus software detected and quarantined the EICAR test file without delay. We do not use Windows Defender as our default antivirus software, but Windows Defender would almost certainly also have detected and neutralized the EICAR test file.
So, in those respects, the Windows Defender download tool cannot be used to do anything worse than what any malware that has successfully infected your system could already do, such as downloading a file through a web browser.
But there are things that antivirus software does not detect and, of course, Windows Defender is present on each and every Windows 10 PC, whether or not you use third-party antivirus software, which is usually a good thing.
We have contacted Microsoft for feedback and will update this story when we get a response.
If you’re wondering how to do this, here’s the file path and command, but make sure you know what you’re doing:
C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0\MpCmdRun.exe -DownloadFile -URL -path
The value after -URL is the URL from which you download, and it needs to include the desired file name, such as “https://www.example.com/example/foobar.txt”.
The value after -path is where you want the file to go, and it should also include the file name: “C:\Users\You\Downloads\foobar.txt”.
We found that it was easier to simply change directories to C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0 and then continue from there. Your mileage may vary.
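For defenders, the command above leaves a recognizable trace in process-creation logs. The following detection sketch is an added example, not code from Tom’s Guide, Bleeping Computer or Microsoft; the event field names (`user`, `image`, `command_line`) and the sample events are assumptions constructed for illustration.

```python
import ntpath
import re

# Flags as written on this page; matched case-insensitively.
DOWNLOAD_FLAG = re.compile(r'(?<!\S)-DownloadFile(?!\S)', re.IGNORECASE)
ARG = re.compile(r'(?<!\S)-(url|path)\s+("[^"]*"|\S+)', re.IGNORECASE)


def find_defender_downloads(events):
    """Return one finding per process-creation event where MpCmdRun.exe
    was started with -DownloadFile."""
    findings = []
    for ev in events:
        # Compare only the file name: the page notes the tool can be run
        # after changing into its directory, so the command line may not
        # carry the full path.
        if ntpath.basename(ev["image"]).lower() != "mpcmdrun.exe":
            continue
        cmd = ev["command_line"]
        if not DOWNLOAD_FLAG.search(cmd):
            continue  # other uses such as signature updates are ignored
        args = {m.group(1).lower(): m.group(2).strip('"')
                for m in ARG.finditer(cmd)}
        findings.append({
            "user": ev["user"],
            "url": args.get("url"),
            "path": args.get("path"),
        })
    return findings


# Constructed sample events (not real telemetry).
PLATFORM = r"C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0"
SAMPLE_EVENTS = [
    {"user": "limited", "image": PLATFORM + r"\MpCmdRun.exe",
     "command_line": 'MpCmdRun.exe -DownloadFile -URL https://www.example.com/example/foobar.txt'
                     r' -path "C:\Users\You\Downloads\foobar.txt"'},
    {"user": "SYSTEM", "image": PLATFORM + r"\MpCmdRun.exe",
     "command_line": '"' + PLATFORM + r'\MpCmdRun.exe" -SignatureUpdate'},
    {"user": "admin", "image": r"C:\Windows\System32\cmd.exe",
     "command_line": "cmd.exe /c echo -DownloadFile"},
]

if __name__ == "__main__":
    for finding in find_defender_downloads(SAMPLE_EVENTS):
        print(finding)
```

Only the first sample event is reported; the signature update and the unrelated cmd.exe process are skipped.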