Windows Defender has been discovered to allow the execution of commands that directly download malware and many other files to a Windows computer.
According to Hothardware, the basic malware protection available on many Microsoft Windows computers has a handy feature called a command-line interface. In particular, Microsoft Protection CMD (MpCmdRun.exe) allows the use of security functions via the command line. In general, several commands allow users to scan, monitor, and modify.
But security researcher Askar Mohammad found in a new update to Windows Defender there are malicious files that can be downloaded using the -DownloadFile argument and a URL associated with it. This -DownloadFile argument allows the user to download the file on the command line.
Fortunately, Windows Defender and other anti-virus software can detect the malware and remove it. Obviously letting a flaw appear in a security software like Windows Defender is dangerous.
Users need to be on the lookout for this vulnerability, including making sure their network ports are always protected, and at the same time have a sense of security instead of relying entirely on a security software.
