Sunday, March 19, 2017

Found a BUG in Windows Defender Anti-Tampering


You should never log on to your Windows 10 as an Admin - you know I think so. Now it was just so amazingly funny when Avecto called me and asked me to do a webinar on this, which I delivered this week on Thursday. Like I (sadly) often do, I just looked at what I was supposed to talk about a few days before primetime :) I just then realized it said "Sami will show how to disable anti-malware"... Oops... I didn't really know exactly how to do it, as I haven't tried in a long time to block Windows Defender. Microsoft has done a good job with the Anti-Tampering anyway, so I was honestly a bit worried...

Then I told myself what I keep telling you: "If you are an Admin you can anyway do whatever you want". And for sure it took me like 5 minutes to come up with a way to totally block Defender. No, not just make it silent in the background, I mean really block it :)

Here is a video on how to do it:

How to mitigate? Don't run as an admin!

