We reported two days ago that Windows Defender has added the ability to download files via the command line using the app, e.g.
MpCmdRun.exe -DownloadFile -url [url] -path [path_to_save_file]
Security researchers expressed concern that the new feature increased Windows 10’s attack surface and could be used to download malicious binaries.
Microsoft has now responded to the concern with a statement, saying:
“Despite these reports, Microsoft Defender antivirus and Microsoft Defender ATP will still protect customers from malware. These programs detect malicious files downloaded to the system through the antivirus file download feature.”
Microsoft also said the feature could not be used for privilege escalation.
While Microsoft denies the feature is a security risk, it is well known that the greater the attack the surface the less secure a system is, and some users have complained that they are unable to lock down their PCs by disabling the new feature.
Do our readers accept Microsoft’s reassurances? Let us know below.