Windows Defender has removed the ability to download files

Microsoft has removed the ability to download files through Windows Defender after it turned out how it could be used by attackers to download software on a computer.

Last week, we reported that Microsoft quietly added the ability to download files through Windows Defender for some unknown reason.

When this was discovered, the community in cyberspace expressed concerns about why Microsoft would allow Defender to be used by attackers like LOLBIN.

LOLBINs, or living-off-the-land binaries, are legitimate operating system files that can be compromised for malicious purposes.

To download a file, the έπρεπε να τρέξουν ένα command line of the Microsoft Antimalware service (MpCmdRun.exe) with the -DownloadFile command, as shown below.

MpCmdRun.exe -DownloadFile -url [url] -path [path_to_save_file]

In tests conducted by security researchers, I was able to download any files (even ransomware_, to their systems.

Το Windows Defender μπορεί ανιχνεύσει γρήγορα το κακόβουλο λογισμικό, αλλά κάποιο άλλο δεν θα εντοπίσει τη λήψη που πραγματοποιήθηκε από την εφαρμογή ασφαλείας της Microsoft.

With yesterday's release of the Windows Defender Antimalware Client in version 4.18.2009.2-0, it seems that Microsoft has changed the capabilities of MpCmdRun.exe.

Microsoft has effectively removed the ability to download files through the procommand prompt MpCmdRun.exe.

So if you try to download a file using MpCmdRun.exe you will encounter an error stating "CmdTool: Invalid command line argument."
Also the -DownloadFile command line setting has been removed from the help screen. The Best Technology Site in Greecefgns

Subscribe to Blog by Email

Subscribe to this blog and receive notifications of new posts by email.

Written by giorgos

George still wonders what he's doing here ...

Leave a reply

Your email address is not published. Required fields are mentioned with *

Your message will not be published if:
1. Contains insulting, defamatory, racist, offensive or inappropriate comments.
2. Causes harm to minors.
3. It interferes with the privacy and individual and social rights of other users.
4. Advertises products or services or websites.
5. Contains personal information (address, phone, etc.).