Comment by derwiki
3 days ago
Antivirus wasn’t mandatory in 2007 after the 2003 Blaster Worm, that required no user action to compromise the PC? Wild
3 days ago
Antivirus wasn’t mandatory in 2007 after the 2003 Blaster Worm, that required no user action to compromise the PC? Wild
On the other hand there was e.g. CVE-2021-1647 where Microsoft's antivirus would compromise the PC with no user action.
(At least I think that's the one I'm thinking of. It's marked as a high-severity RCE with no user interaction but they don't give any details. There was definitely at least one CVE where Windows Defender compromised the system by unsafely scanning files with excessive privileges.)
People forget that prior to Microsoft releasing Defender, antivirus on Windows was universally bad. Like "make your machine almost unusable" bad.
This was also before SSDs as well.
With local build times already measured in multiple hours (large C++ code bases, lots of caches obj files loaded from central build servers to make local incremental rebuilds even possible), Microsoft didn't want to make things worse by forcing any bloat on developer machines.
Maybe they fired everyone who was working there in 2003. Would explain some things.