A cybersecurity expert has discovered that the latest version of software called Microsoft Defender, available for Windows 10, can download malware. Microsoft Defender performs this operation with a command-line tool. The downloaded malware is detected again by Microsoft Defender.
In the latest version of Microsoft Defender, the antivirus program offered by US-based technology giant Microsoft for Windows 10, a problem was detected as meaningless as it was critical. This issue involved reconfiguring Microsoft Defender so that it could even download malware. Fortunately, Microsoft Defender instantly detects the downloaded malware, even though this software is downloadable.
“MpCmdRun, which can be used in the latest version of Microsoft Defender,” said a cybersecurity expert named Mohammad Askar.it was discovered that a command-line tool called” exe ” can download malware. This discovery led to the addition of Microsoft Defender to the list of Windows applications that hackers could abuse.
BleepingComputer, which conducted research on Microsoft Defender on the discovery of Askar, found that this feature was added to the application in versions coded 4.18.2007.9 or 4.18.2009.9. So, how can Microsoft Defender help download malware? If you’d like, Let’s take a closer look at how it happened.
According to the discovery by Mohammad Askar, MpCmdRun is available with Microsoft Defender.a command-line argument as “- DownloadFile” has been added to the command-line tool named exe. When a user or hacker runs a command “-DownloadFile-url [url] -path [path_to_save_file]” in the command-line tool, the malware is downloaded to the computer.
BleepingComputer, in its work on Microsoft Defender, caused the cyberattack on wearable technology maker Garmin “resource.he managed to download the malware called” exe”. But as soon as the download ended, Microsoft Defender detected that the downloaded application was malicious by issuing a new warning and took the necessary actions to secure the user.
It is not known why Microsoft did such a thing to its own antivirus software. Microsoft has so far not released a statement on the matter. But the main problem here is the situation of consumers who use an antivirus program that is different from Microsoft Defender. It is unclear how antivirus software other than Microsoft Defender will react if a hacker infiltrates the computer he is targeting and downloads the malware through Microsoft Defender. Microsoft is expected to issue a statement on the matter.