
The Cyber Security News

Microsoft Defender drops “downpour” of false ransomware alerts on customers

March 17, 2022


Microsoft has confirmed that a code issue in Microsoft Defender for Endpoint has led to a wave of false-positive ransomware alerts for Microsoft customers.

Some system administrators reported issues on Wednesday afternoon involving several ransomware detections in their file systems.

Specifically, the faulty alerts were titled ‘Ransomware behaviour detected in the file system’ and were triggered on ‘OfficeSvcMgr.exe’, Microsoft said, with alerts occurring for just over two hours between 14:39 and 16:50 (UTC).

It said a recent update that it deployed “within service components that detect ransomware alerts” introduced a code issue that led to false ransomware detections in the company’s security solution.

Microsoft has issued a separate code update that should correct the issue, according to Steve Sholz, principal technical specialist at Microsoft, who updated customers via social media.

Sholz said Microsoft has updated its cloud logic to suppress the false-positive alerts and has re-processed a backlog of alerts to “completely remediate impact”. Affected customers should find that the false positives clear from their portal without any intervention.

Microsoft is now investigating how the code error slipped through its testing and validation processes, with the hope that it will prevent similar issues from happening again in the future.

Microsoft customers said that the errors started appearing after they updated their security definitions, which led to a “downpour of ransomware alerts” for some.

Microsoft Office files were commonly being flagged as ransomware, according to some reports, while other behaviours such as deleting shadow copies also triggered false-positive alerts for some.

Elsewhere, users on Windows 11 have reported a number of problems since installing the March security update, such as slow application load times after booting, File Explorer lagging, and a malfunctioning Windows Terminal, among other issues.

IT Pro has contacted Microsoft to understand whether it is aware of the issues and what is being done to address them, but it did not immediately reply at the time of publication.

A total of 92 security vulnerabilities were fixed as part of the latest March update, including a Windows 11 issue that prevented some users from erasing all their files after a system reset.

Microsoft has also been criticised by system administrators this year for releasing ‘broken’ patches that have led many organisations to forgo important security fixes out of fear they could cause more disruption than they fix.

Windows Server administrators said January’s security fixes “made the problem worse”, including creating an issue where they were unable to see the Active Directory setting in Microsoft Exchange, for example.


Some components of this post are sourced from:
www.itpro.co.uk
