Microsoft recently announced that it will no longer allow users to disable Microsoft Defender through the registry. After the change proved controversial, the company shared more details in its latest blog post, confirming that the registry key “DisableAntiSpyware” is no longer valid, which prevents users from disabling Microsoft Defender via the registry.
Microsoft explains, however, that disabling Defender manually doesn’t make any sense because Defender shuts itself down automatically once a user installs a third-party antivirus product.
This setting does not apply to consumer devices, so we decided to remove this key. This adjustment covers Microsoft Defender Antimalware platform versions 4.18.2007.8 and later (KB4052623). Releases for Enterprise E3 and E5 will follow in the future.
Note that this setting is protected by tamper protection. Tamper protection is available in all Home and Pro editions of Windows 10 version 1903 and later and is enabled by default. The impact of the DisableAntiSpyware removal is limited to Windows 10 versions prior to 1903 using Microsoft Defender Antivirus. This change does not affect the connection of third-party antivirus software to the Windows Security app. These will continue to work as expected.
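To see where a host stands relative to this change, the following added example (not from Microsoft or the original article) compares the installed Defender platform version with 4.18.2007.8 and reports the tamper protection state. It assumes the Defender PowerShell module's Get-MpComputerStatus cmdlet is available; the function name Get-DefenderKeyStatus is hypothetical.

```powershell
# Added example: does this host's Defender platform still honour DisableAntiSpyware?
# The threshold version is the one quoted in the article.
# Get-DefenderKeyStatus is a hypothetical helper name, not a Microsoft cmdlet.
function Get-DefenderKeyStatus {
    [CmdletBinding()]
    param(
        [version]$Threshold = '4.18.2007.8'
    )

    try {
        $status = Get-MpComputerStatus -ErrorAction Stop
    } catch {
        # Defender module missing or its service is not reachable on this host.
        return [pscustomobject]@{
            ComputerName = $env:COMPUTERNAME
            Note         = "Get-MpComputerStatus failed: $($_.Exception.Message)"
        }
    }

    # AMProductVersion holds the antimalware platform version string.
    $platform = $null
    $parsed   = [version]::TryParse([string]$status.AMProductVersion, [ref]$platform)

    if (-not $parsed) {
        $note = 'Platform version unavailable; cannot compare against the threshold.'
    } elseif ($platform -ge $Threshold) {
        $note = 'Platform is at or above the threshold: DisableAntiSpyware is no longer valid.'
    } elseif ($status.IsTamperProtected) {
        $note = 'Older platform, but tamper protection is on.'
    } else {
        $note = 'Older platform without tamper protection: review this host.'
    }

    # Per the article, Enterprise E3/E5 get the change in a later release,
    # so treat the result as indicative on those editions.
    [pscustomobject]@{
        ComputerName      = $env:COMPUTERNAME
        PlatformVersion   = $platform
        AntivirusEnabled  = $status.AntivirusEnabled
        RunningMode       = $status.AMRunningMode   # shows passive mode beside third-party AV
        IsTamperProtected = $status.IsTamperProtected
        Note              = $note
    }
}

Get-DefenderKeyStatus | Format-List
```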
Another report shows that Microsoft Defender, the antivirus software built into Windows 10, has acquired a new feature that hackers could exploit to download malicious programs from the Internet.
According to security researcher Askar, the feature arrived in an update to MpCmdRun.exe, the Microsoft Antimalware Service command-line utility.
Askar says these changes to the Microsoft Defender command-line tool could be abused by attackers. In other words, hackers can abuse this binary to download any file from the Internet, including malware.
This also means that users will be able to download any file from the Internet using Microsoft Defender itself. This is unlikely to be a significant security vulnerability because Windows Defender still checks files after you complete the download using the command-line tools.