Microsoft Secure

Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses

Windows Defender Antivirus uses a layered approach to protection: tiers of advanced automation and machine learning models evaluate files in order to reach a verdict on suspected malware. While Windows Defender AV detects a vast majority of new malware files at first sight, we always strive to further close the gap between malware release and...

Microsoft teams up with law enforcement and other partners to disrupt Gamarue (Andromeda)

Today, with help from Microsoft security researchers, law enforcement agencies around the globe, in cooperation with Microsoft Digital Crimes Unit (DCU), announced the disruption of Gamarue, a widely distributed malware that has been used in networks of infected computers collectively called the Andromeda botnet. The disruption is the culmination of a journey that started in...

Windows Defender ATP machine learning and AMSI: Unearthing script-based attacks that ‘live off the land’

Scripts are becoming the weapon of choice of sophisticated activity groups responsible for targeted attacks as well as malware authors who indiscriminately deploy commodity threats. Scripting engines such as JavaScript, VBScript, and PowerShell offer tremendous benefits to attackers. They run through legitimate processes and are perfect tools for “living off the land”—staying away from the...

#AVGater vulnerability does not affect Windows Defender Antivirus, MSE, or SCEP

On November 10, 2017, a vulnerability called #AVGater was discovered affecting some antivirus products. The vulnerability requires a non-administrator-level account to perform a restore of a quarantined file. Windows Defender Antivirus and other Microsoft antimalware products, including System Center Endpoint Protection (SCEP) and Microsoft Security Essentials (MSE), are not affected by this vulnerability. This vulnerability...

Microsoft takes on world’s worst cybercriminals

Microsoft recently took legal action against a group of cybercriminals suspected of spreading malicious software to millions of unsuspecting computer users. These social media–savvy cybercriminals have not only spread the malware themselves, but they’ve also promoted their malicious tools across the Internet, offering step-by-step instructions to completely control millions of unsuspecting victims’ computers to conduct...

Best ways to battle botnets

What is a botnet? Botnets are networks of compromised computers that criminals use to commit fraud, such as: secretly spreading malware; stealing personal information; hijacking Internet search results to take you to websites that are potentially dangerous. How do I know if my computer is part of a botnet? Your computer might be part of a botnet...

How do I know if I already have antivirus software?

UPDATE: For the most relevant information on antivirus software, learn how to protect your computer by visiting the Microsoft support page on Windows Defender. We can ensure this page stays updated with the most relevant information on how to help protect your PC with Windows Defender. If your computer is running Windows 8 If...

Online safety tips for travelers

If you’re travelling this holiday season and you plan to be online, here are a few ways to protect yourself and your family: Before you go, make sure all your software (and especially your antivirus software) is up to date. Learn how to get security updates automatically. Be careful with vacation details that you post...

EMET: A valuable tool for PC protection

If you’re a regular reader of this blog, then you’ve probably already taken steps to help protect your PC. You have antivirus software that you trust and you keep it updated automatically. You’ve activated your firewall. You regularly install security updates. You know not to respond to suspicious emails or to click links with promises...

Get free or paid support for your malware problem

Is your computer running slowly? Are programs starting unexpectedly? Is the activity light on your broadband or external modem constantly lit? Does it sound like your computer’s hard disk is continually working? If you answered “yes” to any of these questions, your computer might be infected with malware. Scan your PC for viruses If you...
