Microsoft Defender Antivirus Archives

Winsage

July 9, 2025

Deal Alert: Get Windows 11 Pro for Just $9.97 Before Windows 10 Support Ends

A lifetime license for Windows 11 Pro is available for .97, a 95% discount from the standard retail price of 9.99, until July 15 at 11:59 p.m. PT. Windows 10 support will end in October 2025. Windows 11 Pro features include BitLocker device encryption, Secure Boot, Microsoft Defender Antivirus, DirectX 12 Ultimate support for gaming, Microsoft Copilot AI for productivity, and optimized performance for Intel and AMD chips.

Tech Optimizer

June 27, 2025

Siemens: Fixes for Microsoft Defender Antivirus issue in Simatic PCS underway

Over 7,000 of the more than 15,000 Model Context Protocol servers are currently accessible via the internet, and many are affected by the "NeighborJack" vulnerability, which allows unauthorized access to anyone on the same local network. This raises concerns about potential data breaches and security risks as AI technologies become more integrated into various sectors.

Winsage

June 26, 2025

Microsoft’s Upgrade Mistake For 400 Million Windows Users

Microsoft has announced an extension of Windows 10 support until October 2026 at no additional cost, affecting approximately 400 million users. This extension was previously set to end in October 2025. Users with eligible PCs for an upgrade number around 400 million, while about 240 million are not eligible. The extension includes Security Intelligence Updates for Microsoft Defender Antivirus on Windows 10 through October 2028, but it is a one-year arrangement and not full security support. Users can enroll in the Extended Security Updates (ESU) program through options like cloud backup, reward points, or a fee, and this feature will be available to all users in the coming weeks.

Winsage

June 24, 2025

Stay secure with Windows 11, Copilot+ PCs and Windows 365 before support ends for Windows 10

Windows has been the most widely used operating system globally since its launch in 1985, currently powering over a billion active devices each month. Support for Windows 10 will end on October 14, 2025, meaning Microsoft will stop providing security and feature updates, as well as technical support for Windows 10 PCs. Users can check their eligibility for upgrading to Windows 11 through the Settings menu or the PC Health Check app. Windows 11 features enhanced security, improved performance, and a modern user interface, with built-in accessibility tools and AI capabilities. The Windows 10 Extended Security Updates (ESU) program will provide critical security updates for personal devices from October 15, 2025, to October 13, 2026. Organizations can subscribe to ESU for continued security updates for a year, with the option to renew annually. Windows 365 offers a cloud-based solution for transitioning to Windows 11 without needing to replace all devices immediately. Various Windows 11 and Copilot+ PCs are available from partners like Acer, ASUS, Dell, HP, Lenovo, Samsung, and Surface.

Winsage

May 26, 2025

Microsoft releases an update to tackle a built-in issue in Windows images, but who is it for?

Microsoft encourages users to adopt the latest version of Windows or a version eligible for monthly security updates to protect against security threats. Older Windows ISOs are vulnerable due to outdated security updates and antimalware software. Microsoft has released an update for Microsoft Defender to enhance the security of these older Windows images. This update includes the latest Microsoft Defender binaries, which must be applied offline to WIM and VHD files for Windows 11, Windows 10 (Enterprise, Pro, Home), Windows Server 2022, 2019, and 2016. The update improves both the anti-malware client and engine, with package sizes of 78.2 MB for ARM64, 128 MB for x86, and 132 MB for x64 systems. Users need a 64-bit version of Windows 10 or later, PowerShell 5.1 or later, and specific modules to implement the update. Regular updates every three months are recommended for optimal security.

Tech Optimizer

May 21, 2025

Lumma Stealer: Breaking down the delivery techniques and capabilities of a prolific infostealer

Microsoft has monitored Lumma Stealer, an infostealer malware used by financially motivated threat actors. Lumma Stealer, also known as LummaC2, functions as a malware-as-a-service (MaaS) solution that extracts data from browsers and applications, including cryptocurrency wallets. The entity behind Lumma is identified as Storm-2477, which maintains the malware and its command-and-control (C2) infrastructure. Affiliates can create malware binaries and manage C2 communications through a panel provided by Storm-2477. Ransomware groups have integrated Lumma Stealer into their operations. Lumma Stealer employs various delivery techniques, including phishing emails, malvertising, drive-by downloads, Trojanized applications, and abuse of legitimate services. Specific campaigns have been identified, such as one in April 2025 that used EtherHiding and ClickFix techniques to deliver Lumma Stealer via compromised websites. Another campaign on April 7, 2025, targeted Canadian organizations with emails containing invoice lures that led to malicious downloads. The malware is developed using C++ and ASM, employing advanced obfuscation techniques to evade detection. It can extract a wide range of user data, including browser credentials, cryptocurrency wallet information, and user documents. Lumma Stealer maintains a robust C2 infrastructure with multiple hardcoded and fallback C2 servers, utilizing encryption methods to secure communications. Microsoft's Digital Crimes Unit has disrupted Lumma Stealer's infrastructure by blocking approximately 2,300 malicious domains. Recommendations to mitigate the impact of Lumma Stealer include strengthening Microsoft Defender configurations, implementing multifactor authentication, and utilizing phishing-resistant authentication methods. Microsoft Defender products can detect and block activities associated with Lumma Stealer, providing alerts and insights for incident response.

Tech Optimizer

May 17, 2025

Do You Really Need Antivirus on Windows 11? Probably Not—Here’s Why

Windows 11 has robust built-in security features that may reduce the need for third-party antivirus software. Windows Security now offers comprehensive protection, including real-time malware detection, firewall protection, SmartScreen alerts, hardware-level security, account monitoring, and system health reports. According to AV-TEST results from January and February 2025, Microsoft Defender Antivirus scored 6.0/6.0 in protection, performance, and usability, effectively stopping advanced malware and phishing attempts with minimal system resource usage. Users of Microsoft Edge benefit from SmartScreen filtering, while those using other browsers receive system notifications for network protection. Basic digital hygiene practices, such as avoiding suspicious downloads and keeping software updated, are crucial for security. Third-party antivirus solutions may offer additional features but can lead to performance issues and privacy concerns. For casual users who maintain their systems and practice safe browsing, Windows Security is generally sufficient, while those handling sensitive information or needing advanced features may consider premium antivirus options.

AppWizard

May 14, 2025

Marbled Dust leverages zero-day in Output Messenger for regional espionage

Since April 2024, the threat actor Marbled Dust has been exploiting a zero-day vulnerability (CVE-2025-27920) in the Output Messenger chat application, targeting user accounts that have not applied necessary fixes. This exploitation has resulted in the collection of sensitive data from users in Iraq, specifically linked to the Kurdish military. Microsoft has high confidence in this assessment and notes that Marbled Dust conducts reconnaissance to identify potential targets using Output Messenger. Marbled Dust has successfully utilized this vulnerability to deploy malicious files and exfiltrate data. Microsoft notified the application’s developer, Srimax, about the vulnerability, leading to the release of a software update. A second vulnerability (CVE-2025-27921) was also found, but no exploitation of this second flaw has been observed. The zero-day vulnerability allows an authenticated user to upload malicious files to the server's startup directory. Marbled Dust has exploited this flaw to place a backdoor file, OMServerService.vbs, in the startup folder, enabling them to access communications and sensitive data indiscriminately. The attack chain begins with Marbled Dust gaining access to the Output Messenger Server Manager, likely through DNS hijacking or other credential interception techniques. Once inside, they exploit the vulnerability to drop malicious files, including a GoLang backdoor, which connects to a Marbled Dust command-and-control domain for data exfiltration. To mitigate this threat, Microsoft recommends updating to the latest version of Output Messenger, activating various security protections, and implementing rigorous vulnerability management strategies. Microsoft Defender XDR customers can identify potential threat activity through specific alerts related to Marbled Dust and utilize advanced hunting queries for detection. Indicators of compromise include traffic to the domain api.wordinfos[.]com, associated with Marbled Dust activities.

Tech Optimizer

May 4, 2025

5 reasons why I stopped using an antivirus on Windows 11

A growing number of users are reevaluating their reliance on traditional antivirus software, reflecting a deeper understanding of personal security needs. Many individuals are adopting strong cyber hygiene practices, taking personal responsibility for safe browsing and cautious online behavior. Modern browsers like Opera and Brave offer built-in security features and VPNs, emphasizing self-discipline in cybersecurity. Microsoft Defender Antivirus, integrated into Windows 11, provides real-time protection and frequent updates, making it a reliable choice for users who practice basic cyber hygiene. High-end antivirus packages often come with subscription fees, while open-source solutions can be cost-effective alternatives. Users have reported improved system performance after moving away from third-party antivirus programs, experiencing faster boot times and increased responsiveness. Essential security features are now recognized as not exclusive to antivirus software, with regular data backups, encryption, and password management enhancing overall protection. While some users find sufficient protection without traditional antivirus software, others with different threat models may still require it.

Winsage

May 2, 2025

Get Windows 11 Home for A$23 Right Now

Users can upgrade from Windows 10 to Windows 11 Home for a reduced price of A until June 1, down from the regular price of A7. Windows 11 features a refreshed interface with rounded app corners, a centered taskbar, customized widgets, and enhanced multitasking tools. It offers performance improvements, quicker startup times, and enhanced security features. A verified buyer reported a seamless installation process. The upgrade opportunity is available until June 1 at 11:59 p.m. PT, with prices subject to change.