Hi and thanks for your report.
Please could you share some more details on your observation:
- The used Windows version
- The output of the specific plugin
The Malware Protection is a part of Windows Defender which is in turn directly integrated into Windows since Windows Vista/7.
In the case above the VT is checking the version of this Windows integrated engine via the EngineVersion
entry of the HKLM\SOFTWARE\Microsoft\Windows Defender\Signature Updates
Registry-Key for a version lower then 1.1.14405.2
(see the output of the mentioned VT).
As this is an integrated part of Windows it shouldn’t matter if any third party endpoint is running on the target system and you still would need to update the Windows Defender to a later version to get this vulnerability fixed.