Windows Defender, also known as Microsoft Defender, has been around for some time in its current form, and it’s getting better with every Windows 10 feature upgrade. A new report, however, claims that Windows Defender has been updated with a new command line tool that supports a “-DownloadFile” function.
Advanced customers can use dedicated command line tool mpcmdrun.exe (Microsoft Antimalware Service Command Line Utility) to automate Microsoft Defender Antivirus functions. This feature is found under ProgramFiles > Windows Defender and it can be executed from a command prompt only.
After a recent update to Windows Defender, security researchers spotted that the tool can be used to download any file from the internet. Some researchers went a step further and used Windows Defender to download malware and ransomware.
It’s believed that Microsoft made this change to Windows Defender with either version 4.18.2009.9 or 4.18.2007.9.
This can be done by anyone with administrative privileges and Windows Defender command line tool on Windows 10.
Reports from independent researchers and news outlets suggested that attackers could abuse Windows Defender’s new feature to download malware from the internet and take control of your computer.
However, it was later discovered that Windows Defender will still detect malicious files downloads and the tool can’t be used to escalate privileges, which means this new feature is not a security threat.
In other words, you can download any file (including malware) but Windows Defender will scan the files and block malicious files, such as malware or ransomware. Windows Defender cannot be used to seize system control or infect computers with security threats.
In a statement, Microsoft has refuted these reports:
Despite these reports, Microsoft Defender antivirus and Microsoft Defender ATP will still protect customers from malware. These programs detect malicious files downloaded to the system through the antivirus file download feature – Microsoft spokesperson.
The protection applies to Windows 10 Home, Pro, Enterprise, and other editions of the operating system that comes with Windows Defender Antivirus software.