> So Windows Defender isn't bundled as a part of Windows 10?
It was also bundled as part of Windows 8.1, Windows 8, Windows 7, and Windows Vista on top of being available as a free download for Windows XP (and even 2000 during the beta phase).
The current form, after the Microsoft Security Essentials package was merged in, didn't come about until Windows 8 but Windows Defender as a product dates back to Microsoft's purchase of GIANT Software.
Either way you call it, XP or 8, saying Defender is a Windows 10 thing is like saying Firefox is an Ubuntu 19.04 thing. Sure, Ubuntu 19.04 does bundle Firefox, but so did many versions prior.
---
It's also worth noting that almost every antimalware product has an option to submit unknown binaries for analysis, and almost every one of those either enables it by default or very strongly suggests that you do so during setup to the point that I'd imagine most installations that aren't managed under corporate policy are submitting samples.
Sure. But Windows users often installed it on Windows 7. And on Windows XP, as I recall.
Also, other anti-malware apps typically upload novel binaries. And their test machines likely run them, with network access, for the same reasons that Microsoft does.
So this exfiltration channel may well have existed for decades. Whether it's been used or not is an open question, though.
It was also bundled as part of Windows 8.1, Windows 8, Windows 7, and Windows Vista on top of being available as a free download for Windows XP (and even 2000 during the beta phase).
The current form, after the Microsoft Security Essentials package was merged in, didn't come about until Windows 8 but Windows Defender as a product dates back to Microsoft's purchase of GIANT Software.
Either way you call it, XP or 8, saying Defender is a Windows 10 thing is like saying Firefox is an Ubuntu 19.04 thing. Sure, Ubuntu 19.04 does bundle Firefox, but so did many versions prior.
---
It's also worth noting that almost every antimalware product has an option to submit unknown binaries for analysis, and almost every one of those either enables it by default or very strongly suggests that you do so during setup to the point that I'd imagine most installations that aren't managed under corporate policy are submitting samples.