We recently published an article taking tech writers to task with regards to their overuse of click-bait articles– those articles that sensationalize a non-event and make mountains out of molehills: Tech Site Journalism Reaches All-Time Low. Controversy sells, don’t ya know.
Once again, a bunch of well-known tech sites have jumped all over a story reporting a supposed security flaw in Windows Defender. A recent report notes that Windows Defender has been updated with a new command-line tool that supports a “DownloadFile” function. Advanced users can utilize this dedicated command-line tool, mpcmdrun.exe (Microsoft Antimalware Service Command Line Utility), to automate Microsoft Defender Antivirus functions. Security researchers revealed that the tool can be used to download any file from the internet, including malware.
As is the way these days, multiple supposedly reputable tech sites have subsequently beaten up the negative connotations associated with this report and completely failed to check out the other side of the story.
Windows Defender Security Issue – A Non-Issue
These click-bait articles are suggesting that attackers could abuse Windows Defender’s new feature to download malware from the internet and take control of your computer. However, they have failed to mention two very important facts:
- To achieve this would require administrator privileges and the tool cannot be used to elevate privileges
- Windows Defender will STILL detect and block any malicious file downloads
In other words, while a user with administrator privileges can use this tool to download any file (including malware), Windows Defender will still scan and block malicious files, such as malware or ransomware. It has now been confirmed that the tool cannot be used to seize system control or infect computers with malware. The obvious conclusion is this new feature is NOT a security threat.
If you’re a Windows Defender user and have read any of these click-bait articles, no need for concern. Windows Defender does not have a security flaw and remains a perfectly safe-to-use antivirus solution.
FOOTNOTE: I am still referring to Microsoft’s built-in antivirus solution as Windows Defender even though I believe the name has now been changed to Microsoft Defender. I continue to do so because that’s the name most users recognize. I think I might have mentioned previously that Microsoft’s naming conventions continue to be a source of irritation.
FURTHER READING:
—
Jim. From what I found, the pro comments are that it is free and dependable for the average user. The major con being it is not regularly updated.
For my piece of mind, I prefer to pay for protection, than find out later. Even though I surf safe sites (do not look for trouble), I was pleasantly surprised when alerted by my security software, while searching for information on Windows Defender. One site I visited was flagged with a warning about having a poor Web of Trust rating, while another had malware detected and blocked.
I understand these could have been false positives, but am happy knowing I am protected, Mindblower!
Hey MB,
Not sure where you’re getting your information from mate but Defender is definitely being updated, quite regularly. In fact, this entire article is in reference to a recent update.
I am embarrassed beyond words Jim. Was unsuccessful using my browser history to locate that review site. A note to myself for next time, “take a screen shot”, Mindblower!
Absolutely no need to be embarrassed MB, and I am very sorry if anything in my comment contributed.
This article and my previous article – Tech Site Journalism Reaches All Time Low – both emphasize that there are far too many click-bait articles being published by tech sites. You will remember the old adage…”don’t believe everything you read in the newspapers”. Well, the same can said of tech sites these days. 🙂