In a recent Update, The official built-in Antivirus of Windows 10 has got a unique skill: It downloads viruses
Windows 10 downloads viruses thanks to a command-line tool
After a recent update to Windows 10, your built-in antivirus gains some skills that we are not familiar with. Basically, Windows 10 downloads viruses with a command-line tool. You can download some malicious files such as Trojan, Malware, Spyware etc.
This is not the intended purpose of this upgrade though. It looks like Microsoft was not aware of this. But still, you should not be worried about it unless you are a PC Guru. If you are just a regular user of Windows 10, then nothing serious will happen to your Personal Computer.
Thanks to Mohammed Askar (Who is a security tester and instructor) we have a decent amount of information about the security flaw of Windows 10. ”Well, you can download a file from the internet using Windows Defender itself. In this example, I was able to download Cobalt Strike beacon using the binary ‘MpCmdRun.exe’ which is the ‘Microsoft Malware Protection Command Line’,” States Askar on Twitter.
4.18.2007.8 update for Windows 10 is the reason for this flaw. This means this is on our computer for nearly two months. But as we say you don’t have to worry about it too much if you don’t have a computer hacker in your home. Because in order to download something you have to do it manually. This means, only the local user has the right to make such downloads from the command line tool. Microsoft is a hardworking company and I believe that there will be a hotfix soon for this issue. Until then, I advise the Windows 10 users to take precautions if the computer is used by more than one person. Someone else using your computer might fiddle with this vulnerability.