A loophole has been found in Microsoft's operating system for installing malware. This is reported by BleepinComputer with reference to cybersecurity expert Mohammad Askar.
The specialist found in one of the latest Windows updates the ability to remotely install applications using the built-in Windows Defender antivirus (“Windows Defender”). The innovation allows using the command line MpCmdRun.exe to install programs. Askar noted that the OS was actually taught to install malware on its own.
According to the expert, the good news is that Windows Defender is capable of detecting virus-infected software, even if the program facilitates its installation. However, not all third-party antiviruses can detect malicious applications. The expert joked that in this way Windows Defender is included in a long list of compromised programs through which infected software can be installed on a computer.
Earlier, experts noticed that Microsoft has disabled the ability to deactivate the built-in Windows Defender antivirus through the registry. At the same time, the program does not interfere with the work of third-party anti-virus applications.