go to sections menu

Windows Defender able to download files … this can’t be good from blog The Technology blog and podcast

This is for the technology blog and podcast Commentary, articles, and podcasts

header picture for Ingegno theme

You are here: article commentary > Windows Defender able to download files … this can’t be good

Go to Homepage, contents or to navigation menu

Windows Defender able to download files … this can’t be good

Shaun Everiss sent me this article talking about and giving instructions on using Microsoft Defender to download any particular file from anywhere on the Internet.

While in practice, this could be helpful as a download manager, Shaun indicates correctly that it can be potentially abused.

I’m sure that most people remember the download managers we used to use years ago including Getright. Since I’ve not used it in quite awhile and we had a license, just searching for it tells me it doesn’t even run in Windows 10.

Today, I’m not sure if we really need Getright since Firefox and Chrome have their own download managers built in and they can take you to the page where the file is as well as open folders of where you saved your stuff.

The article should be shared in passing, because it can be possible for this to be abused, and it probably won’t be long before it does. Thanks Shaun for this.

What to read:

Comments from Shaun after he gives me the link:

Obviously this has its uses.

However I do wander what microsoft was thinking.

Malware users and hackers can use this file to download anything they want.

The file download is quite dangerous as well lets face it its a legit download silently by windows defender.

Now, it can be used for some troublesome files I guess but you certainly can’t block it.

I do hope it doesn’t bite microsoft in the rear though.

You’re not wrong. Could this be used as a new download manager? This is going to get quite interesting.
As an update to the post, according to winaero, a lot of security reserchers have voiced the same concerns I have.
Microsoft’s responce was to issue a boilerplate answer explaining that their stuff works and that there is no risk.
My responce would simply be to delete the feature entirely, maybe make a thirdparty tool that would handle this feature and release it if you want with a user interface or something if you want.
This isn’t smart of microsoft.
Even if this thing is not used or abused, there is no way to tell its being used unless you notice something.
The only thing is, that its likely that this will not be used extensively, you can’t just run mpcmdrun.exe from anywhere you must initiate this yourself.
The issue would be scripts trying to get downloads from who knows where.
Microsoft could restrict this to certain certifyed programs but even so.
Remove it or make a download manager the user can use is my vote.
Unless you are support then you probably don’t need it and with all the scams well who knows.

Informazioni sull'articolo

Windows Defender able to download files … this can’t be good was released on September 5, 2020 at 11:50 am by tech in article commentary.
Last modified: September 7, 2020.

Comments (0)

No comments yet.

Leave a comment

You must be logged in to post a comment.

go to sections menu

navigation menu

go to sections menu