Share this article on:
Microsoft Defender, the free anti-malware software that comes inbuilt into Windows, has been falsely flagging URLs as malicious.
The company announced on Twitter that it was aware of the bug and that an investigation is underway into the cause.
We're investigating an issue where legitimate URL links are being incorrectly marked as malicious by the Microsoft Defender service. Additionally, some of the alerts are not showing content as expected. Further details can be found under DZ534539 within the admin center.
— Microsoft 365 Status (@MSFT365Status) March 29, 2023
Microsoft has urged that despite the false positive alerts, users are still able to access legitimate links flagged as malicious.
At this stage, Microsoft is still investigating the issue and has said it is “reviewing diagnostics such as network telemetry data to verify the root cause and identify a path to resolution”.
The tech giant warned that tech admins would likely see an increased number of high-severity alert emails that warn of a potentially malicious URL was clicked.
Since the issue arose yesterday, some customers have received dozens of alert emails warning of malicious URLs, according to BleepingComputer.
Responding to Microsoft’s tweet, a number of users and admins have expressed issues caused by the bug, such as an increased number of quarantined emails and being inundated with alerts.
Yeah, the 987 Alerts I got for Zoom accounts has been a good time today ? pic.twitter.com/Cix2CipagY
— Adam (@Reptarr2) March 29, 2023
@MSFT365Status Would this cause defender to quarantine a ton more emails than normal? We are inundated with tens of requests this morning when it is normally only one or two if any.
— Jared does IT (@ItsAnAsp3n) March 29, 2023