Microsoft Defender is still causing users a huge headache
(Image credit: Microsoft)
There are only two ‘Friday the 13th’s in 2023, and the first has already seen Microsoft scrambling to fix an issue that affected users’ Start menus and taskbars following a botched update to its Defender antivirus.
Following the mishap, Microsoft took to the Internet to confirm (opens in new tab) that many users had experienced “a series of false positive detections” for the “Block Win32 API calls from Office macro” Attack Surface Reduction (ASR) rule, leading to many program shortcuts (.lnk files) vanishing.
Among the initially suggested fixes from the company was to turn the “Block Win32 API calls from Office macro” rule into audit mode, however Microsoft has now issued a more comprehensive fix that, after deploying, will allow users to turn the ASR rule back into block mode.
Microsoft Defender problem
The company has told users to upgrade to security intelligence build 1.381.2164.0 or later. An extract from the help page reads:
“Microsoft has confirmed steps that customers can take to recreate start menu links for a significant sub-set of the affected applications that were deleted.”
The steps have been provided as a PowerShell script on a GitHub page (opens in new tab) – a developer platform that Microsoft owns. There’s also a set of instructions for deploying the script using Intune, which many users were vocal about when it came to discussing the blunder on platforms like Reddit (opens in new tab) and Microsoft’s own Tech Community page (opens in new tab).
> We’ve rounded up the best patch management software
> Fake ChatGPT apps are everywhere on Android and iOS app stores
> A whole load of phishing emails make it past Microsoft Defender, researchers say
One user asked Microsoft “why Defender did not record the lnk file deletions”.
As the problem continues to be an ongoing source of disruption among Microsoft users, it’s unclear whether the fix has been enough for the tech giant to restore some of its lost faith. Overall, user experiences remain a mixed bag, with some claiming successful restores, and others reporting errors.
Are you a pro? Subscribe to our newsletter
Sign up to theTechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
With several years’ experience freelancing in tech and automotive circles, Craig’s specific interests lie in technology that is designed to better our lives, including AI and ML, productivity aids, and smart fitness. He is also passionate about cars and the electrification of personal transportation. As an avid bargain-hunter, you can be sure that any deal Craig finds is top value!