Microsoft Safety Scanner

by Microsoft Corporationv1.453.49.0

Last updated Jun 12, 2026

A scan tool designed to find and remove malware from Windows computers. Download it and run a scan to find malware and try to reverse changes made by identified threats.

Visit homepage

Install with winget

$ winget install --id Microsoft.SafetyScanner --exact --version 1.453.49.0

Run in Command Prompt, PowerShell, or Windows Terminal. Prompts for any agreements.

Built by Pckgr

For Intune admins

Stop chasing app updates. Pckgr patches them for you.

Automated application patching for Microsoft Intune. Pckgr keeps a curated library of 1,000+ apps continuously up-to-date in your tenant via Microsoft Graph - no manual repackaging, no chasing vendor sites.

Start free 30-day trial

No credit card required.

About

A scan tool designed to find and remove malware from Windows computers. Download it and run a scan to find malware and try to reverse changes made by identified threats.

The tool uses the same security intelligence update definitions as (among others) Microsoft Defender Antivirus. Safety Scanner does however not have an internal definition update checker, but does get app updates every 3-4 hours. Thus, the Winget package may lag some days behind Windows Update + Microsoft Defender Antivirus.

Installers · v1.453.49.0

Architecture	Type	Scope	Install	Download
x86	Portable	-		Direct
x64	Portable	-		Direct

Copy a command tailored to that specific architecture, type, and scope - useful when winget would otherwise pick a different default.

Security

10 known CVEs via NVD

high7.8Fix in v4.18.23100.2009CVE-2023-36422affects before 4.18.23100.2009Nov 14, 2023
Microsoft Windows Defender Elevation of Privilege Vulnerability
Patch Vendor advisory
high7.8Patched in wingetCVE-2023-38175affects before 1.1.23060.3001Aug 8, 2023
Microsoft Windows Defender Elevation of Privilege Vulnerability
Patch Vendor advisory
high7.8Patched in wingetCVE-2021-24092Feb 25, 2021
Microsoft Defender Elevation of Privilege Vulnerability
Patch Vendor advisory
high7.8Patched in wingetCVE-2021-1647Jan 12, 2021
Microsoft Defender Remote Code Execution Vulnerability
Patch Vendor advisory
high7.1Patched in wingetCVE-2020-1461Jul 14, 2020
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.
Patch Vendor advisory
high7.8Patched in wingetCVE-2020-1170Jun 9, 2020
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE...
Patch Vendor advisory
high7.8Patched in wingetCVE-2020-1163Jun 9, 2020
An elevation of privilege vulnerability exists in Windows Defender that leads arbitrary file deletion on the system.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Windows Defender Elevation of Privilege Vulnerability'. This CVE...
Patch Vendor advisory
high7.1Patched in wingetCVE-2020-1002Apr 15, 2020
An elevation of privilege vulnerability exists when the MpSigStub.exe for Defender allows file deletion in arbitrary locations.To exploit the vulnerability, an attacker would first have to log on to the system, aka 'Microsoft Defender Elevation of Privilege Vulnerability'.
Patch Vendor advisory

Showing 8 of 10. Source: NVD, updated just now. Patch status is best-effort: NVD's fix version is compared against the latest version in winget, but the two version formats don't always align. Confirm with the vendor advisory before treating any specific build as safe.

See a CVE that affects your fleet? Push the patched version to Intune in one click with Pckgr - automated patching is the only way to keep up.

Related apps

Microsoft Visual Studio CodeMicrosoft Corporation
Microsoft.VisualStudioCodev1.124.2
Microsoft Visual Studio Code is a code editor redefined and optimized for building and debugging modern web and cloud applications. Microsoft Visual Studio Code is free and available on your favorite platform - Linux, macOS, and Windows.
Microsoft Visual C++ v14 Redistributable (x86)Microsoft Corporation
Microsoft.VCRedist.2015+.x86v14.51.36247.0
The Microsoft Visual C++ v14 Redistributable Package (x86)
Gaming Services Repair Tool for PCMicrosoft Corporation
Microsoft.Gaming.GamingServicesRepairToolv10.0.26100.6893
A portable standalone tool to repair and fix problems with the following apps：Xbox App; Xbox Identity Provider; Game Bar; and Gaming Services. It can (and will) also try to update or install those apps, though not silently.
Microsoft TeamsMicrosoft Corporation
Microsoft.Teamsv26134.1702.4747.7366
Collaborate more effectively with a faster, simpler, smarter, and more flexible Teams.
Microsoft .NET Windows Desktop Runtime 8.0Microsoft Corporation
Microsoft.DotNet.DesktopRuntime.8v8.0.28
.NET is a free, cross-platform, open-source developer platform for building many different types of applications.
Windows App Runtime 1.8Microsoft Corporation
Microsoft.WindowsAppRuntime.1.8v1.8.8
Microsoft Windows App Runtime 1.8

Frequently asked questions

How do I install Microsoft Safety Scanner on Windows?

Open Windows Terminal, PowerShell, or Command Prompt and run: winget install --id Microsoft.SafetyScanner --exact --version 1.453.49.0. winget downloads the installer from Microsoft Corporation and runs it. Requires Windows 10 (1809+) or Windows 11.

How do I install Microsoft Safety Scanner silently for unattended deployment?

Add --silent and accept the agreements upfront: winget install --id Microsoft.SafetyScanner --exact 1.453.49.0 --silent --accept-package-agreements --accept-source-agreements. This is the variant Intune, Configuration Manager, and other deployment tools should use.

How do I uninstall Microsoft Safety Scanner via winget?

Run: winget uninstall --id Microsoft.SafetyScanner --exact. Add --silent for unattended uninstalls. winget will use the registered uninstaller from Microsoft Safety Scanner's Apps & Features entry.

Is Microsoft Safety Scanner free?

Microsoft Safety Scanner is distributed under Proprietary. Refer to the publisher (https://learn.microsoft.com/en-us/defender-endpoint/safety-scanner-download) for the full license terms - Wingetly itself does not charge for installation.

Does Microsoft Safety Scanner work on Windows 10?

Yes, as long as your Windows 10 build supports winget (1809 or newer). winget ships with App Installer on Windows 10/11 and pulls Microsoft Safety Scanner directly from the publisher.

How do I keep Microsoft Safety Scanner up to date?

Run winget upgrade --id Microsoft.SafetyScanner --exact, or winget upgrade --all to update everything winget tracks. We index 10 versions of Microsoft Safety Scanner from microsoft/winget-pkgs.

Recent versions

1.453.51.0
1.453.49.0latest
1.453.48.0
1.453.45.0
1.453.44.0
1.453.41.0
1.453.39.0
1.453.37.0
1.453.35.0
1.453.34.0