Microsoft’s Windows Defender is in the midst of a poor month. Just 10 days after it emerged the anti-virus software cannot spot a new type of trojan attack, another bug has been found. This time, Windows Defender is not completing Quick and Full scans properly.
Specifically, the program is failing after a few seconds when Quick and Full scans being initiated. Of course, this is only enough time for a small number of files to be scanned. Users have reported the problem on Reddit and on Microsoft’s own support forums.
The scanning bug seems to be affecting Windows Defender version 4.18.1908.7, which was released earlier this week. This means some users may not be on this version yet and should not update. ZDNet reports the problem is also observable on Security Essentials.
Microsoft has confirmed the problem and says it is developing a fix that should be rolled out soon. The company added real-time scans still work, so any malware attacks should be spotted through this feature.
Trojan Attack Flaw
According to a report from BleedingComputer, bad actors have used the GootKit banking Trojan that help malware evade Windows Defender. GootKit uses a UAC bypass and WMIC commands to help executable malware remain undetected by Microsoft’s antivirus tool.
Malware and security researcher Vitali Kremez analyzed a GootKit sample and found the Trojan is being used in efforts to thwart Windows Defender. By leveraging GootKit, hackers are managing to hide malware from system defense scans.
What’s worrying about these recent problems is Microsoft bills Windows Defender as the first line of defense for Windows 10. In fact, the company says the tool is all the antivirus software a user on Windows needs.