Last week, we reported that Microsoft has brought command-line file download functions to the Microsoft Defender antivirus software developed by the company in its latest update.
With the help of this command-line tool, files on the Internet can be downloaded through specific commands. As the signature of the command-line tool is Microsoft, the researchers are concerned.
Researchers worry that the third-party antivirus software installed by the user may ignore the file downloaded by the command line, even if it is a malicious file, there is a risk.
In response to media reports, Microsoft has officially issued a response. The company said that the new download function of its own command-line tool will not pose a potential security risk.
The reason is that Microsoft Defender anti-virus software and Microsoft Defender ATP tool will scan the files downloaded by the tool.
In other words, if an attacker tries to use this tool to download malicious files, they still have to be scanned by anti-virus software and will be blocked if they have malicious behavior.
At the same time, Microsoft emphasizes that the newly added download commands of the command line tool and the command-line tool itself cannot be elevated, that is, UAC control cannot be bypassed.
In a statement, Microsoft has refuted these reports:
Despite these reports, Microsoft Defender antivirus and Microsoft Defender ATP will still protect customers from malware. These programs detect malicious files downloaded to the system through the antivirus file download feature – Microsoft spokesperson.