Where are your software installers going?

Microsoft can send samples of software from your PC using the Automatic Sample submission feature in Windows Defender. This would mean that even software that you develop or test will be pushed to their servers. Developers need to ask themselves if this is ok or not and turn off this feature in Windows 10.

The door is usually open for Microsoft when it comes to whitelisted services. Unless you are using a computer that is controlled by your organization’s policy, etc. This means the Windows Defender service can send samples of software to Microsoft for analysis. Including software you develop in-house. One must ask themselves what Microsoft is doing with the installers after they “analyze” them.

I’m also finding myself thinking of how attackers can exploit this in a way that can mean impersonating a piece of software that is meant for someone else’s system….

Take a look at this engineer’s experience here: