Recently, Microsoft updated Microsoft Defender to version 4.18.2008.9, and also added new features to its console management tool, MpCmdRun.exe. Now it can be used to download any file from the Internet.
The console MpCmdRun.exe utility is part of Microsoft Defender. It is used mostly for scheduled scanning tasks by IT administrators. The MpCmdRun.exe tool has a number of command line switches which can be viewed by running MpCmdRun.exe with "/?".
The most recent version of the
MpCmdRun.exe tool supports the following syntax
MpCmdRun.exe -DownloadFile -url [url to a remote file] -path [local path to save the file]
And this really works. The researcher @mohammadaskar2, who noticed the presence of the option, has demoed the use of
MpCmdRun.exe to download a file from the Internet.
To reproduce his experience, navigate to the C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2008.9-0 folder (adjust the platform version if needed).
There, open a new command prompt, and type above command.
Provide the URL to the file you want to download, and the actual local path to the file you want to save the downloaded file to.
It will be silently downloaded to the location you specified.
Thanks to Roman Linev for sending the tip.