- Dec 27, 2014
- 3,423
- Content source: https://youtu.be/h3T1D2bd04w
> Very weak in default settings, almost a disaster.

Windows Defender is designed to work as part of Windows. That means SmartScreen is an integral part of the protection. These testers download samples in zipped formats that bypass SmartScreen. But in real life, that is not how malware is delivered -- with one exception. Torrented cracks.
> Windows Defender is designed to work as part of Windows. That means SmartScreen is an integral part of the protection. These testers download samples in zipped formats that bypass SmartScreen. But in real life, that is not how malware is delivered -- with one exception. Torrented cracks.

Good to know, thanks. In fact, that was my question, how they bypassed SmartScreen so easily.
If you download cracks by torrent, I can guarantee you that Windows Defender will have 0% success rate -- because you will surely turn WD off before you run the file.
> Good to know, thanks. In fact, that was my question, how they bypassed SmartScreen so easily.

In the video, the SmartScreen for applications was simply turned OFF.
> In the video, the SmartScreen for applications was simply turned OFF.

That's not fair. It's like a car without fuel.
> That's not fair. It's like a car without fuel.

The problem is that SmartScreen is too good. It spoils the tests, so they need to turn it off.
> The problem is that SmartScreen is too good. It spoils the tests, so they need to turn it off.

This is generally true, but with some additional notes.
However, SmartScreen has three weaknesses:
1. Script files are not checked.
2. Files unpacked from rar and some other compressed formats are not checked.
3. Detection is weak for fresh digitally signed malware.
Number one is indeed a problem, so you need some kind of script protection, whether it is SysHardener or OSArmor or whatever.
Number two is a problem mainly for software pirates who live on torrents.
Number three is not much of a problem for home users, because they rarely encounter such malware, and also because most good AVs block such malware pretty fast.