New method that Involved With Defender Antivirus scanning process over SMB leads to Windows Defender Antiveirus Bypass and allows any Malware to run into Windows OS. CyberArk, meanwhile, said it has already disclosed similar issues to other security vendors. Once an attacker puts the malicious file into the share, the attacker can control which file to notify the Windows Defender that it will run. Cyberark said this behavior is just the opposite and that even if Windows Defender is not able to scan a file, it would still allow the process to execute.”]
Source: https://gbhackers.com/windows-defender-antivirus-bypass/