I didn’t know that Windows Defender essentially blocked the vulnerability.
I will also note that there can be situations when Windows Defender doesn’t work.
I got hit by a WinRAR zero day exploit (the archive was supposed to be just images) that installed master Monero minor that disabled Windows Defender and blocked installation of other tools. I was able to clean my computer, but I only found through a non-english site (and I happen to speak that language so it was easier to validate that it was legit).
For sure, I missed that (and the fact Valve seems to be deploying protections as well).
The commentary about Windows Defender was just a random remark in passing. I wasn’t expecting the WinRAR zero day to be addressed (it’s a zero day after all), but the malware itself (the Monero miner) was around for a while (current version at the time was at least a year old) and WD had zero protections against its methods (that did not use the WinRAR zero day, that was the entry point).
That being said, I do think this more of an edge case. WD works pretty well in my experience (especially for non-power users).
If you’re on Windows and use Windows Defender, you should be safe as it has been updated to detect and block the vulnerability.
I didn’t know that Windows Defender essentially blocked the vulnerability.
I will also note that there can be situations when Windows Defender doesn’t work.
I got hit by a WinRAR zero day exploit (the archive was supposed to be just images) that installed master Monero minor that disabled Windows Defender and blocked installation of other tools. I was able to clean my computer, but I only found through a non-english site (and I happen to speak that language so it was easier to validate that it was legit).
Well yeah it’s a zero day, so not much an AV can do. I’m just quoting the article.
For sure, I missed that (and the fact Valve seems to be deploying protections as well).
The commentary about Windows Defender was just a random remark in passing. I wasn’t expecting the WinRAR zero day to be addressed (it’s a zero day after all), but the malware itself (the Monero miner) was around for a while (current version at the time was at least a year old) and WD had zero protections against its methods (that did not use the WinRAR zero day, that was the entry point).
That being said, I do think this more of an edge case. WD works pretty well in my experience (especially for non-power users).