Microsoft Defender Considered Malware

7 points by brookritz about 3 years ago
All Linux machines at work now run "Microsoft Defender Advanced Threat Protection" (mdatp).

We have seen software crashing because files that were expected to be there were suddenly moved to "quarantine" by mdatp. On another occasion a job that moves thousands of small files to another directory took hours instead of seconds to complete. The mdatp daemon was running at 100% CPU and scanning all files for "threats". The "solution" IT Operations implemented was that they added the affected directories to some ignore-list in the mdatp configuration.

Yesterday, a shell script that uses sort just crashed because it was missing /tmp/sortFhe4A. It turned out that MDATP moved the file while the sort process was running. The file contained alphanumeric identifiers. Some combination of bytes in one of sort's tempfiles apparently resembled the signature of some stupid vbscript malware. In all cases it was a false alarm. Duh..

Lessons learned: Microsoft Defender renders Linux machines unusable. Instead of protecting against threats this piece of junk is outright malware.

5 comments

agiacalone about 3 years ago
Um...it's *obviously* telling you that Linux is just very unsafe. Every MSDN knows this: it's one of the first things they read when opening up the Tome of Knowledge.

Best to re-install Windows 11. Be sure to beg forgiveness of the Microsoft gods by secure-deleting a copy of the Halloween Documents while chanting the true name of the Great Bill over the chorus of Bing bells.
hulitu about 3 years ago
Are you using MS Defender on Linux? If yes, good luck. The last time I saw an antivirus catch a virus was about 20 years ago. Since then I had to clean up my work computers a couple of times, by hand, with the antivirus happily running.
naikrovek about 3 years ago
90-100% of your complaints are going to be due to misconfiguration by the administrators of the system, I bet. and architectural differences of the EXT4 filesystem compared to NTFS and the nature of locking files on Linux.

you probably want to head over to Slashdot if you want to rant, as well. plenty of MS bashing here, but complaint for complaint's sake isn't really the style here like it is in other places. or maybe it is, I don't know. I could be reading everything wrong.
Shadonototra about 3 years ago
the problem is not "Microsoft Defender Advanced Threat Protection" (what a stupid name btw)

the problem is the people who said "let's install this"

clueless people became managers
trasz about 3 years ago
Why would anyone use it?