• Barracuda@lemmy.zip
    link
    fedilink
    English
    arrow-up
    4
    ·
    10 days ago

    If you’re on Windows and use Windows Defender, you should be safe as it has been updated to detect and block the vulnerability.

    • Agent Karyo@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      9 days ago

      I didn’t know that Windows Defender essentially blocked the vulnerability.

      I will also note that there can be situations when Windows Defender doesn’t work.

      I got hit by a WinRAR zero day exploit (the archive was supposed to be just images) that installed master Monero minor that disabled Windows Defender and blocked installation of other tools. I was able to clean my computer, but I only found through a non-english site (and I happen to speak that language so it was easier to validate that it was legit).

      • Barracuda@lemmy.zip
        link
        fedilink
        English
        arrow-up
        3
        ·
        10 days ago

        Well yeah it’s a zero day, so not much an AV can do. I’m just quoting the article.

        • Agent Karyo@lemmy.world
          link
          fedilink
          English
          arrow-up
          4
          ·
          edit-2
          9 days ago

          For sure, I missed that (and the fact Valve seems to be deploying protections as well).

          The commentary about Windows Defender was just a random remark in passing. I wasn’t expecting the WinRAR zero day to be addressed (it’s a zero day after all), but the malware itself (the Monero miner) was around for a while (current version at the time was at least a year old) and WD had zero protections against its methods (that did not use the WinRAR zero day, that was the entry point).

          That being said, I do think this more of an edge case. WD works pretty well in my experience (especially for non-power users).