Items tagged with windows defender
They say with great power comes great responsibility, and you would think Windows Defender would be incredibly responsible -- at least when it comes to security. As it turns out, however, that Windows Defender shared its “great power” in allowing its command line utility to download potentially malicious files to a Windows PC. Windows Defender, the basic malware protection on any modern Windows PC, also comes packed with another handy feature: a command line interface. The “MpCmdRun.exe” (Microsoft Protection CMD) allows for utilization of security features through command line. Users could scan, trace, and tinker with a variety of commands. Now, in an update to Windows...
Read more...
Microsoft has had more than its fair share of Windows 10 quality control problems over the past few months, with one of the most recent ones relating to its Windows Defender anti-malware software. As we reported earlier this week, users encountered a problem where initiating a system scan would result in Windows Defender failing during both automatic and manual scans. Windows 10 users were presented with a message that stated "Items skipped during scan" when using Windows Defender version 4.18.2003 or later. There was no indication if this was simply a bogus message, or if Windows Defender was actually failing to scan items on a user’s system. Although a workaround was...
Read more...
Few Windows 10 users will be surprised to hear that Microsoft has issued a Windows 10 update that has caused problems. This time out, an update for Windows Defender appears to have rendered the antivirus scan on Windows 10 unable to function. Reports indicate that when the antivirus protection software runs, it ends with a message that says "Items Skipped During Scan." For some Windows 10 users, the Defender scans fail after a couple minutes with a message that says "items skipped" and a statement that no threats were discovered on the device. The problem is that it's not clear which items are being skipped by Windows Defender and it's unclear if the antivirus software is actually scanning for...
Read more...
Windows users have a built-in antivirus program that is expected to be on the job looking for viruses and other threats that could compromise the security of a computer. A major bug has been reported in Windows Defender, the built-in antivirus program that many Windows users take advantage of. It's easy enough to see if a computer is impacted by the bug by running a quick or full scan. On machines that are impacted, the scans will fail after a few seconds and only go through a handful of files. Depending on the number of files on the computer, this sort of scan can last hours. The bug has been widely reported over the last few days on Microsoft tech support forums, Reddit, and other places. The...
Read more...
Microsoft is giving its popular Windows Defender antivirus utility a name change, and it is reflective of the company's increasingly important (and lucrative) decision to branch into cross-platform endeavors. Windows Defender will now be called Microsoft Defender, while Windows Defender Exploit Guard is now called Microsoft Defender Exploit Guard. This move to rename Windows Defender as Microsoft Defender will more closely align the company's suite of security offerings which has grown to include products like Microsoft Defender Advanced Threat Protection (ATP), which is available for devices running macOS, iOS, Android and Linux. According to Ghacks, which first made note of the...
Read more...
Although malware for macOS isn’t nearly as prevalent as it is on Windows devices, the platform is not immune to attacks. Apple has some limited built-in malware detection in macOS, but there are plenty of more robust options available for users who wanted added protection. Microsoft is the latest to announce an antivirus package for macOS, and it’s called Microsoft Defender Advanced Threat Protection (ATP). Think of Microsoft Defender ATP as the macOS counterpart to Windows Defender for Windows 10 systems, and it will run on macOS Sierra, macOS High Sierra and macOS Mojave. Microsoft is currently offering Microsoft Defender ATP as a limited preview for select business customers who...
Read more...
With about a week to go before this month's Patch Tuesday rolls into view, Microsoft has issued a batch of security updates to address a critical vulnerability affecting Windows Defender and a spatter of other antimalware services, such as Windows Intune Endpoint Protection. Left unpatched, an attacker could weasel his malicious wares onto a system remotely and even create new accounts with full system permissions. The vulnerability lies in Microsoft's Malware Protection Engine, or mpengine.dll. This is the main component of Windows Defender in Windows 10, and if left unpatched, affected systems are susceptible to all kinds of potential nastiness. "An attacker who successfully exploited this...
Read more...
Microsoft's Windows Defender was working hard this week, and according to Microsoft, just before noon on March 6 the AV suite put the brakes on 80,000 instances of several sophisticated trojans. These trojans were especially dastardly because they had advanced cross-process injection techniques, persistence mechanisms, and evasion methods. All the trojans are new versions of Dofoil (also known as Smoke Loader) and they carry a coin miner payload. Microsoft wrote, "Within the next 12 hours, more than 400,000 instances were recorded, 73% of which were in Russia. Turkey accounted for 18% and Ukraine 4% of the global encounters." Microsoft notes that Windows Defender AV flagged the "unusual persistence...
Read more...
Microsoft this week announced that it has integrated some new tricks into Windows Defender to help prevent users from being bullied to buy upgraded versions of free software. According to Microsoft, there has been a big uptick in free versions of programs that claim to scan a user's computer and find a litany of errors. The software then uses coercive messaging to scare users into buying upgrades to license premium versions of the software to fix the errors. Microsoft notes that the premium version of these programs are often called cleaner or optimizer applications and claim to fix the issues that the free version found. Microsoft wrote, "We find this practice problematic because it...
Read more...
A vulnerability researcher at Google is giving props to Microsoft for issuing a quick fix to what he described as a "crazy bad" remote code exploit in the company's malware protection engine. He also said it was the worst of its kind in recent memory, and that is because prior to the patch, a remote attacker could gain full control of a PC simply by sending a malicious email. The recipient needn't even open the communication for this nasty zero-day bug to work. "The update addresses a vulnerability that could allow remote code execution if the Microsoft Malware Protection Engine scans a specially crafted file. An attacker who successfully exploited this vulnerability could execute arbitrary code...
Read more...
Microsoft has a long and somewhat bumpy road in the antivirus field. Even its latest AV solution, Windows Defender, has not always garnered praise, though that is beginning to change. A recent blog post by a security expert who heaped praise on the default security software in Windows has prompted others to come out and speak in favor of using Windows Defender instead of a third-party solution. "At best, there is negligible evidence that major non-MS AV products give a net improvement in security. More likely, they hurt security significantly; for example, see bugs in AV products listed in Google's Project Zero. These bugs indicate that not only do these products open many attack vectors, but...
Read more...
