Close Menu
    Facebook X (Twitter) Instagram
    Nintendo-Power
    • Home
    • Top News
    • Tech
    • Nintendo
    • Downloads
    • Contact Form
    Nintendo-Power
    Home»Top News»Windows Defender can download malicious files and now Windows Update can run them
    Top News

    Windows Defender can download malicious files and now Windows Update can run them

    Beatrice AshfordBy Beatrice AshfordOctober 13, 2020No Comments2 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Windows Defender can download malicious files and now Windows Update can run them
    Share
    Facebook Twitter LinkedIn Pinterest Email

    We reported in September that we have added the ability to download files via the command line using the Windows Defender app, e.g.

    MpCmdRun.exe -DownloadFile -url [url] -Path [path_to_save_file]

    It is useful for downloading Abitory Binary from the Internet.

    Although not exploitable by itself, this feature allows a script that can execute the command line, which can import more files from the Internet using native Living-of-the-land binaries or LOLBINs.

    Now a similar feature has been found in Windows Update, which allows hackers to run malicious files.

    The Sleeping Computer reports that MDSec researcher David Middlehurst has discovered that attackers can also use Wooklt by arbitrarily loading from a specially designed DLL with the following command-line options to execute malicious code on Windows 10 systems:

    wuauclt.exe / UpdateDeploymentProvider [path_to_dll] / Runhandler ComServer

    This trick bypasses Windows User Account Control (UAC) or Windows Defender Application Control (WDAC) and can be used to stay stable on already compromised systems.

    After the discovery, he also discovered that hackers existed first A pattern was found Using the trick in the forest.

    In response to a previous report, Microsoft removed the ability to download files from MpCmdRun.exe. It remains to be seen how Microsoft will respond to the latest revelation.

    Read more in detail Here at the sleeping computer.

    Beatrice Ashford

    Beatrice Ashford is a contributor at Nintendo-power.com, covering a wide range of topics including news, politics, business, technology, sport, entertainment, and lifestyle. She focuses on delivering clear, balanced reporting and useful information that helps readers stay informed about current events and emerging developments. Her work highlights stories that matter to everyday audiences, with an emphasis on accuracy, relevance, and accessible journalism that keeps readers connected to the issues shaping the world around them.

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    Acrylic Nails for the Modern Professional: Balancing Style and Practicality

    September 6, 2024

    The Majestic Journey of the African Spurred Tortoise: A Guide to Care and Habitat

    September 2, 2024

    Choosing Between a Russian and a Greek Tortoise: What You Need to Know

    June 21, 2024
    Leave A Reply Cancel Reply

    Navigate
    • Home
    • Top News
    • Tech
    • Nintendo
    • Downloads
    • Contact Form
    Pages
    • About Us
    • Contact Us
    • DMCA
    • Editorial Policy
    • Privacy Policy
    • Nintendo Power – Latest Gaming News, Reviews & Retro Updates
    Recent
    • Games Done Quick Reveals Flame Fatales 2026 Schedule Supporting Malala Fund
    • 17,000 Brain Scans Reveal Unexpected Ethnic Differences in Alzheimer’s Disease Biology
    • Lenovo Unveils Mini PC Built Around Downloadable AI Skills Instead of Traditional Software
    • Uranus and Neptune May Be Magma Worlds Rather Than Ice Giants
    • Women’s Prize for Fiction 2026 Longlist Revealed with Susan Choi and Katie Kitamura Among Contenders
    • About Us
    • Contact Us
    • DMCA
    • Editorial Policy
    • Privacy Policy
    • Nintendo Power – Latest Gaming News, Reviews & Retro Updates
    © 2026 Nintendo Power. All rights reserved.

    Type above and press Enter to search. Press Esc to cancel.