Microsoft stressed that it will take several hours for the updated rule to work, as was originally conceived by the developers. Subsequently, Microsoft disabled the incorrect ASR rule (signature update 1.381.2164.0) and asked clients to check the SI MO497128 in the central administration for additional updates. The former lost the ability to quickly launch familiar applications, the latter were forced to look for a way to restore shortcuts removed by Microsoft Defender.
This affected both the shortcuts of the software of Microsoft itself (for example, Office) and third-party applications ( Google Chrome, Mozilla Firefox, etc.)Īs Bleeping Problem notes, the problematic rule on the eve of the weekend brought chaos to the work of corporate users of Windows machines and system administrators serving them. This rule allows the program to detect and suppress attempts to access malicious Win32 ON API using VBA macros.Īfter making changes to the corresponding rule, Microsoft Defender began to demonstrate cases of false operation, as a result of which the shortcuts of user applications located on the Windows desktop, in the Start menu, as well as on the Quick Access toolbar were removed - the antivirus considered them malicious programs. On January 13, 2023, Microsoft released an antivirus signature update for Microsoft Defender for Endpoint version 1.381.2140.0, which, in particular, changed the operation of the ASR mechanism rule (Attack Surface Reduction "shortening directions" attacks) called "Block Win32 API calls from Office macro" (ID: 92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b). Antivirus, part of the Windows operating systems, mistook shortcuts on the desktop and in the start menu for malware. Microsoft Defender mistakenly removed shortcuts to users of Windows 10 and Windows 11 operating systems, used to quickly launch programs installed on your PC. Main article: Antiviruses 2023: Windows proprietary antivirus removed custom shortcuts on desktop and Start menu
0 kommentar(er)
