A technique that exploits Windows 10 Microsoft Store called ‘wsreset.exe’ can delete bypass antivirus protection on a host without being detected.
Wsreset.exe is a legitimate troubleshooting tool that lets users diagnose problems with the Windows Store and reset its cache.
Pentester and researcher Daniel Gebert has discovered that wsreset.exe can be abused to delete arbitrary files.
As wsreset.exe runs with elevated privileges because it deals with Windows settings, this bug would allow attackers to delete files even if they would not normally have the privileges.
Source: Bleeping Computer