Tor Browser, a popular software that allows users to browse the web anonymously and access the dark web, is no longer detected as malware by Microsoft Defender, the built-in antivirus program of Windows 10.
Microsoft Defender, formerly known as Windows Defender, is a security software that provides real-time protection against various threats, such as viruses, spyware, ransomware, and phishing. It is enabled by default on Windows 10 devices and can be managed through the Windows Security app.
However, Microsoft Defender has been known to flag some legitimate programs as malware, especially those that are related to hacking, privacy, or encryption. This is a common problem in the antivirus industry, where false positives can occur due to heuristic analysis, behavioral detection, or signature-based scanning.
One of the programs that has been affected by this issue is Tor Browser, which is based on the Firefox web browser and uses the Tor network to protect the identity and location of its users. Tor Browser also allows users to access .onion sites, which are hidden services that are only reachable through the Tor network.
Tor Browser has been detected as malware by Microsoft Defender for several years, under different names, such as HackTool:Win32/Torjan, Trojan:Win32/Occamy.C, Trojan:Win32/Critet.BS, and Trojan:Win32/Fuery.A!cl. These detections have caused confusion and frustration among Tor users, who had to either disable Microsoft Defender or add Tor Browser as an exception to use it.
According to a recent report by BleepingComputer, Microsoft has finally removed the malware detection for Tor Browser in Microsoft Defender. This means that Windows 10 users can now download, install, and use Tor Browser without any interference from Microsoft Defender.
BleepingComputer tested the latest version of Tor Browser (10.5.6) on Windows 10 and confirmed that Microsoft Defender did not detect it as malware. They also checked the VirusTotal service, which scans files with multiple antivirus engines, and found that none of the 69 engines detected Tor Browser as malware.
The reason for this change is not clear, as Microsoft has not made any official announcement or explanation. However, BleepingComputer speculated that it could be due to the increased popularity and legitimacy of Tor Browser, which is used by millions of people around the world for various purposes, such as journalism, activism, research, and censorship circumvention.
Tor Browser is not the only program that has been falsely detected as malware by Microsoft Defender. In the past, Microsoft Defender has also flagged other legitimate programs, such as Process Hacker, Wget, Curl, Discord, Cheat Engine, and more. Some of these detections have been fixed by Microsoft, while others are still ongoing.
False positives can have negative consequences for both users and developers, as they can damage the reputation of the software, reduce the trust in the antivirus, and cause unnecessary alerts and disruptions. Therefore, it is important for antivirus vendors to constantly review and improve their detection methods and criteria, and for users to report any false positives they encounter.
To report a false positive to Microsoft, users can use the Microsoft Defender Security Intelligence Submission portal, where they can upload the file or URL that was wrongly detected and provide feedback. Users can also use the Windows Security app to restore the file or URL from quarantine and add it as an exception.
Tor Browser is a free and open-source software that can be downloaded from the official Tor Project website. It is available for Windows, Mac, Linux, and Android platforms. Tor Browser is one of the best ways to browse the web anonymously and securely, as it prevents third parties from tracking, censoring, or compromising your online activity.