Bug in Microsoft Defender Now Allows Malware Downloads


A security researcher has found a bug in the Microsoft Defender anti-malware software that potentially allows malicious code or spyware to be downloaded. The issue was identified after a recent product feature update.

In particular, MpCmdRun.exe, the Microsoft Malware Security Command Line tool, received an update that now allows users to download files from a remote location.

Although the feature itself isn't malicious, an attacker could abuse it to load malicious programs onto a target computer.
In theory this is a serious problem, because anyone could transfer malicious files to the target computer using the protection tool itself.

Although it is a LOLBin (living-off-the-land binary), it is very difficult to use, because Windows Defender will scan each file as it is downloaded. If a malicious file is found, it is automatically blocked.
