Snynet Solution Logo
MON - SUN: 10 AM - 6 PM
+60 11 5624 8319

Blog

Windows 10 antivirus is not a security threat, Microsoft says

Image Description

Microsoft has denied claims that its home-built Windows 10 antivirus could be putting users at risk from online attack.

Doubts had been raised over the security of Windows Defender after Microsoft announced a new feature for the platform that would allow it to download files via the command line.

Some security experts had warned that doing so could mean Windows Defender becomes a vessel through which users might unknowingly download malicious files from the web.

Windows Defender

However Microsoft has now hit back at the claims, with a company spokesperson telling Forbes that, "Despite these reports, Microsoft Defender antivirus and Microsoft Defender ATP will still protect customers from malware. These programs detect malicious files downloaded to the system through the antivirus file download feature."

The company added that the feature could not be used to escalate privileges on Windows machines, despite researchers warning that any tool that widens the potential attack surface on any device needs to be watched carefully.

The controversy stems from the fact that experts were able to use the new command line tool (known as -DownloadFile command-line) as a local user to use the Microsoft Antimalware Service Command Line Utility to download a file from the internet with the following command: “MpCmdRun.exe -DownloadFile -url <url> -path <local-path>”.

Using this technique, one expert (penetration tester Mohammad Askar) was able to download Cobalt Strike malware from a remote location directly via Microsoft Defender, showing the potential risks, despite the company's reply.

While Defender will detect and mitigate any malicious files downloaded using this method, it is unclear whether other popular antivirus services will be able to defend against this avenue of attack, in instances in which native protections have been disabled.

The news comes shortly after Microsoft was also criticized for making it more difficult to manually disable Microsoft Defender in Windows 10, although the app should automatically turn itself off if it detects you're running another antivirus program.

Via Forbes

Date

07 Sep 2020

Sources


Share


Other Blog

  • BlizzConline is canceled, as publisher 'reimagines' future BlizzCon events

    Activision Blizzard lawsuit

    Publisher Activision Blizzard, responsible for the event this article refers to, is currently embroiled in ongoing litigation in regards to claims reporting a workplace culture that allegedly enabled acts of sexual harassment, abuse and discrimination. Read our Activision Blizzard lawsuit timeline of events for ongoing coverage of the events.

    Blizzard Entertainment has announced that its BlizzCononline digital event, scheduled for February 2022, has been canceled.

    In a blog post on the official Blizzard website, Blizzard Entertainment stated that it has decided to "take a step back and pause on planning the previously announced BlizzConline event... This was a tough decision for all of us to make, but it’s the right one," the blog post reads.

    "Any BlizzCon event takes every single one of us to make happen, an entire-company effort, fueled by our desire to share what we create with the community we care about so much," the blog post continues. "At this time, we feel the energy it would take to put on a show like this is best directed towards supporting our teams and progressing development of our games and experiences."

    In the post, Blizzard Entertainment also revealed that it was taking this break to "reimagine" future BlizzCon events.

    "Whatever the event looks like in the future, we also need to ensure that it feels as safe, welcoming, and inclusive as possible," the blog post reads. "We’re committed to continual communication with our players, and we see BlizzCon playing a big role in that going forward. We’re excited about what we’ll do with the event when we revisit it in the future." 

    Diablo 4

    (Image credit: Blizzard)

    Announcements and updates are still coming

    While BlizzConline isn't going ahead in February 2022, Blizzard did confirm that it will still share updates and announcements on its upcoming games. 

    Currently, the publisher has Diablo 4, Overwatch 2 and Diablo Immortal in the works, with no firm release dates for any of those titles. Information on these games will be shared through franchise channels, according to the post, meaning we can expect Overwatch 2 news on Overwatch social and video channels, for example. 

    Publisher Activision Blizzard is currently embroiled in ongoing litigation in regards to claims reporting a workplace culture that allegedly enabled acts of sexual harassment, abuse and discrimination. The post doesn't specifically mention this litigation, but it's possible that this ongoing legal action may have prompted the decision to cancel the event in early 2022.

    Read More
  • Windows 10 update brings fix for issue that could slow down your PC

    Windows 10 still has issues with one of its core features – but Microsoft is slowly fixing them.

    Read More
  • Microsoft Teams adds new features to make personal calls more engaging

    Microsoft has added a slew of features for the Personal edition of Teams. These features include Together Mode, reacting to images with Gifs and emojis and more.

    Read More
  • Where to buy Microsoft Office: all the cheapest prices and deals in June 2021

    We set out where to buy Microsoft Office for the best possible price.

    Read More

Find Out More About Us

Want to hire best people for your project? Look no further you came to the right place!

Contact Us