Items tagged with windows defender

Microsoft is giving its popular Windows Defender antivirus utility a name change, and it is reflective of the company's increasingly important (and lucrative) decision to branch into cross-platform endeavors. Windows Defender will now be called Microsoft Defender, while Windows Defender Exploit Guard is now called Microsoft Defender Exploit Guard. This move to rename Windows Defender as Microsoft Defender will more closely align the company's suite of security offerings, which has grown to include products like Microsoft Defender Advanced Threat Protection (ATP), which is available for devices running macOS, iOS, Android and Linux. According to Ghacks, which first made note of the...
Although malware for macOS isn’t nearly as prevalent as it is on Windows devices, the platform is not immune to attacks. Apple has some limited built-in malware detection in macOS, but there are plenty of more robust options available for users who want added protection. Microsoft is the latest to announce an antivirus package for macOS, and it’s called Microsoft Defender Advanced Threat Protection (ATP). Think of Microsoft Defender ATP as the macOS counterpart to Windows Defender for Windows 10 systems, and it will run on macOS Sierra, macOS High Sierra and macOS Mojave. Microsoft is currently offering Microsoft Defender ATP as a limited preview for select business customers who...
With about a week to go before this month's Patch Tuesday rolls into view, Microsoft has issued a batch of security updates to address a critical vulnerability affecting Windows Defender and a spatter of other antimalware services, such as Windows Intune Endpoint Protection. Left unpatched, an attacker could weasel his malicious wares onto a system remotely and even create new accounts with full system permissions. The vulnerability lies in Microsoft's Malware Protection Engine, or mpengine.dll. This is the main component of Windows Defender in Windows 10, and if left unpatched, affected systems are susceptible to all kinds of potential nastiness. "An attacker who successfully exploited this...
Microsoft's Windows Defender was working hard this week, and according to Microsoft, just before noon on March 6 the AV suite put the brakes on 80,000 instances of several sophisticated trojans. These trojans were especially dastardly because they had advanced cross-process injection techniques, persistence mechanisms, and evasion methods. All the trojans are new versions of Dofoil (also known as Smoke Loader) and they carry a coin miner payload. Microsoft wrote, "Within the next 12 hours, more than 400,000 instances were recorded, 73% of which were in Russia. Turkey accounted for 18% and Ukraine 4% of the global encounters." Microsoft notes that Windows Defender AV flagged the "unusual persistence...
Microsoft this week announced that it has integrated some new tricks into Windows Defender to help prevent users from being bullied into buying upgraded versions of free software. According to Microsoft, there has been a big uptick in free versions of programs that claim to scan a user's computer and find a litany of errors. The software then uses coercive messaging to scare users into buying upgrades to license premium versions of the software to fix the errors. Microsoft notes that the premium versions of these programs are often called cleaner or optimizer applications and claim to fix the issues that the free version found. Microsoft wrote, "We find this practice problematic because it...
A vulnerability researcher at Google is giving props to Microsoft for issuing a quick fix to what he described as a "crazy bad" remote code exploit in the company's malware protection engine. He also said it was the worst of its kind in recent memory, and that is because prior to the patch, a remote attacker could gain full control of a PC simply by sending a malicious email. The recipient needn't even open the communication for this nasty zero-day bug to work. "The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code...
Microsoft has a long and somewhat bumpy road in the antivirus field. Even its latest AV solution, Windows Defender, has not always garnered praise, though that is beginning to change. A recent blog post by a security expert who heaped praise on the default security software in Windows has prompted others to come out and speak in favor of using Windows Defender instead of a third-party solution. "At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors, but...