Microsoft Defender: Download Feature removed …

[German]But that was only a very short guest performance. Microsoft had added this 'cool' download feature to its Defender. But security experts wasn't amused about that. All of a sudden the download feature is gone again …


Defender Download-Feature, that's what we are talking about

For those blog readers who have not followed it closely, a few short sentences. Microsoft had given Defender a way to download arbitrary files. You can use the command:

C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2008.9-0\MpCmdRun.exe  -DownloadFile -url <url> -path <local-path>

as administrator to download any file with Windows Defender. Microsoft had described the whole thing in this support article in mid-August 2020.

However, this download feature caused more headaches than enthusiasm among security experts. This is a nice feature for malware authors to download their malicious functions. In early September 2020, I addressed the issue in the blog post Security concerns about Microsoft Defender download feature.

It's gone again …

I just read at Bleeping Computer that Microsoft has removed this feature in the Antimalware Client Version 4.18.2009.2-0 just released.  The help does not show the command anymore and when using the option an error is reported. No idea what caused the developers to take this step.


Cookies helps to fund this blog: Cookie settings

This entry was posted in Security, Windows and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *