Windows pcs at risk as the new tool disarms the incorporated safety

All modern Windows PCs come with Microsoft Defender Integrated. For strangers, this tool is Windows native antivirus.

Over time, it has matured in a reliable security tool capable of blocking a wide range of threats. However, a tool called Defendot can close Microsoft to defend completely, without exploiting an error or using malware. It simply convinces Windows that another antivirus is already executing.

The implications are serious. This tool does not enter the system or uses advanced code injection. Use Windows characteristics of the way they were designed to be used. And that makes the problem more difficult to detect and more difficult to solve.

Usa to the “Cyberguy Free Report: Obtain my expert technology advice, critical security alerts and exclusive offers, in addition to instant access to my Survival guide for the free final scam “ When you register!

The tool works by pretending to be an antivirus

Windows is built to avoid running multiple antivirus products at the same time. When a third -party antivirus is recorded, Windows disables Microsoft defending to avoid conflicts. Defend no This system explodes Use of an undocumented API that uses security software to communicate with the Windows Security Center.

The tool records a false antivirus that seems legitimate for the system. It uses a fictitious DLL and injected it into Task Manager, a trusted Windows process. When operating within this signed process, Defundot avoids signature verifications and permissions. Once the false antivirus is recorded, Windows disables Microsoft defend without prior notice or confirmation.

Windows 10 security defects leave millions vulnerable

The user is not shown to the user. No visible changes are made to indicate that the system is not protected. Unless someone check manually, the machine remains open to attacks without real -time protection.

The tool also includes options to establish a personalized antivirus name, enable registration and configure the automatic start. Achieve persistence when creating a scheduled task that runs every time the user logs.

Windows Software Defender vs Antivirus: Free protection falls short

From Github’s demolition to a fresh construction

Defendot is based on a previous project called No-Defender. That project used the code of a real antivirus product to the false record. He caught his attention quickly and was eliminated after a copyright complaint of the supplier whose code had been reused. The developer lowered the project and moved away from him.

With Defendot, the creator rebuilt the main characteristics using the original code. This version avoids copyright problems and uses a new method to achieve the same effect. Do not trust another antivirus or third -party binary. It was written from scratch to demonstrate how simple it is to manipulate Windows security from the inside of the system.

The Microsoft defender currently marks the tool as a threat. It detects it and puts it in quarantine under the name Win32/Sabsik.fl.! Ml. However, the fact that it works at all points to a weakness in how Windows manages antivirus registration and trust.

What is artificial intelligence (AI)?

Doublecickjacking Hack double click on account acquisitions

6 ways to protect themselves from malicious programs

While defending is a research project, there is the possibility that similar tools already exist and can be used to compromise their PC. Here are some tips to help you stay safe:

1. Use strong antivirus software: Even with regular updates, Windows systems can be left exposed by tools such as defending that silently disable incorporated defenses. A strong third -party antivirus with real -time protection and frequent updates provides essential backup security. Look for solutions with real -time protection and frequent updates to address emerging threats. Get my elections for the best antivirus protection winners 2025 for your Windows, Mac, Android and iOS devices.

2. Exhibition limit: Many exploits depend on the user’s interaction, such as clicking on a shaded link, downloading a compromised file or setting up an unreliable virtual disc. Peel with good reputation websites, avoid opening unplayed email attachments and use a browser with built -in safety features (such as Microsoft Edge or Chrome with authorized safe navigation).

3. Avoid running unexpected commands: Never paste or run commands (such as Powershell scripts) that do not understand or were copied from random websites. The attackers often deceive users to execute without knowing malware in this way.

4. Keep your updated software: Regularly Update your operating systembrowsers and all software applications. Updates often include patches for security vulnerabilities that malware can exploit.

5. Use two factors authentication (2FA): Allow 2fa In all your accounts. This adds an additional security layer when requiring a second form of verification, which makes it difficult for the attackers to obtain access even if they have their password.

6. Invest on personal data elimination services: Even with strong device safety, your personal information can still be exposed online through data corridors and back sites. These services collect and publish details, such as their name, address and telephone number, which makes it an easier objective for identity theft or phishing. Automated data removal services track these sites and send elimination requests in their name, helping to reduce their fingerprint and increase their anonymity online. While they cannot erase each trace of their information, they make it significantly more difficult for attackers to find and exploit their personal data, which saves time and reduces unwanted spam in the process.

While no service promises to eliminate all its Internet data, having an elimination service is excellent if you want to constantly monitor and automate the process of eliminating your information from hundreds of sites continuously for a longer period of time. See my best selections to obtain data removal services here.

Get a free scan To know if your personal information is now available on the web.

Implacable computer pirates leave the windows to aim at their Apple ID

Kurt key takeway

Defendot points to a major problem with how Windows manages security. A characteristic is needed to prevent software conflicts and makes it a way of completely disableing protection. The system assumes that any registered antivirus is legitimate, so if the attackers can pretend that, they enter without much resistance.

We often think that security is to block the bad and trust the good. But this case shows what happens when that trust is out of place. Defendot does not overlook Windows defenses. Walk just when using valid credentials. The solution is not just more patches or stronger malware signatures. What we need is a more intelligent way for systems to say what is really sure.

Click here to get the News application

Do you think that companies such as Microsoft need to rethink how Windows handles antivirus registration and trust, since tools such as defending can easily disable incorporation without using malware or exploit an error? Get us knowing in Cyberguy.com/contact.

To obtain more technological tips and safety alerts, subscribe to my free Cyberguy Report newsletter when you head Cyberguy.com/newsletter.

Ask Kurt or tell us what stories you would like us to cover.

Follow Kurt in his social channels:

• Facebook
• YouTube
• Instagram

Answers to the most informed Cyberguys questions:

• What is the best way to protect your MAC devices, Windows, iPhone and Android to be pirate?
• What is the best way to stay private, safe and anonymous while navigating the web?
• How can I get rid of robocalls with data elimination applications and services?
• How do I eliminate my private internet data?

New Kurt:

• Try the new Cyberguy games (crosswords, words searches, trivia and more!)
• Cyberguy exclusive coupons and offers

Copyright 2025 Cyberguy.com. All rights reserved.