All software should be created with security in mind. But when the primary purpose of a tool is to protect your computer’s security, you’d hope the developers were doing everything they could to minimise the weaknesses that hackers can exploit.

Unfortunately, it seems that Microsoft took their eye off the ball in this respect, and Windows Defender has a nasty bug that can spread malware.

For a tool designed to protect your system, that’s a major problem, especially with Microsoft building the tool directly into Windows 10.

On many Windows 10 systems it's the only security tool installed, putting them particularly at risk.

The problem is down to the way Windows Defender handles .RAR archive files. If the tool scans a malicious RAR archive, the scan can trigger a bug that launches code embedded in the RAR, giving that code total control over the system.

This is exactly the opposite of what Windows Defender should be doing.

And the security researcher who uncovered the problem also discovered how it came to be there in the first place.

The problem originated with an open source tool, called Unrar, designed to allow you to create and extract files from RAR archives.

It seems Microsoft took a copy of this code and included it in Windows Defender. Open source licence terms usually allow code to be included in other products, provided the original developer is acknowledged, so there is nothing wrong with Microsoft borrowing someone else’s code, in principle.

However, there was nothing wrong with the original Unrar code. Instead, the problem was created by the way Microsoft modified the code they borrowed. By changing some of the variables in the code, they managed to mess up the way the Unrar code checked files, creating the bug and putting Windows Defender at risk.

Fortunately, they’ve managed to rush out a fix for the bug via Windows Update. If you have Windows 10, or automatic updates enabled on Windows 8.1 or 7, this will be installed without you having to do anything.

If automatic updates are not enabled, open the Windows Update Control Panel and check for any available updates.

