
Microsoft releases scripts to restore shortcuts deleted in faulty Windows Defender update

January 16, 2023


Microsoft has released scripts in an attempt to help users fix an issue caused by a faulty Windows Defender update issued on 13 January.

The tech giant pushed a Microsoft Defender for Endpoint update which caused users to experience a “series of false positive detections” for the Attack Surface Reduction (ASR) rule: ‘Block Win32 API calls from Office macro’. This had the unintended result of deleting Windows shortcut (.lnk) files, and only affected update builds between 1.381.2134. and 1.381.2163..


Microsoft released guidance on 14 January detailing how to help system administrators restore shortcuts that were accidentally deleted by the update. First, the tech giant is advising customers to update to build 1.381.2164. or later. However, this will not restore deleted files.

When the update was first deployed and system administrators were looking for ways to repair their devices, one of the fixes suggested by administrators was to switch “Block Win32 calls from Office macros” into audit mode. Microsoft has now said the rule can safely be turned back to block mode once the new update has been installed and deployed.
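A check an administrator could run on a single endpoint for the two conditions described above, the security intelligence build and the rule's current mode (added example, not Microsoft's recovery script). The rule GUID comes from Microsoft's ASR rule reference rather than this article, and the build bounds are compared on their first three components only, because the article's values are cut off after the third.

```powershell
# Added example. Run in an elevated PowerShell session on the endpoint.
param([switch]$RestoreBlockMode)

# GUID of the ASR rule "Block Win32 API calls from Office macros".
$RuleId = '92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b'

# Affected range as given in the article, first three components only.
$FirstBad = [version]'1.381.2134'
$LastBad  = [version]'1.381.2163'

function Get-ShortBuild([string]$Text) {
    # Drop the fourth component so 1.381.2164.0 compares equal to 1.381.2164.
    $v = [version]$Text
    [version]::new($v.Major, $v.Minor, $v.Build)
}

$status   = Get-MpComputerStatus
$build    = Get-ShortBuild $status.AntivirusSignatureVersion
$affected = ($build -ge $FirstBad) -and ($build -le $LastBad)

# Ids and actions are parallel arrays: 0 = disabled, 1 = block, 2 = audit, 6 = warn.
$pref    = Get-MpPreference
$ids     = @($pref.AttackSurfaceReductionRules_Ids)
$actions = @($pref.AttackSurfaceReductionRules_Actions)
$names   = @{ 0 = 'Disabled'; 1 = 'Block'; 2 = 'Audit'; 6 = 'Warn' }
$mode    = 'NotConfigured'
for ($i = 0; $i -lt $ids.Count; $i++) {
    if ($ids[$i] -eq $RuleId) { $mode = $names[[int]$actions[$i]] }
}

[pscustomobject]@{
    Computer         = $env:COMPUTERNAME
    SignatureVersion = $status.AntivirusSignatureVersion
    InAffectedRange  = $affected
    RuleMode         = $mode
}

if ($RestoreBlockMode) {
    if ($affected) {
        # Do not re-enable blocking while a faulty build is still installed.
        Write-Warning 'Build is in the affected range; update signatures first.'
    } elseif ($mode -eq 'Audit') {
        Add-MpPreference -AttackSurfaceReductionRules_Ids $RuleId `
                         -AttackSurfaceReductionRules_Actions Enabled
    }
}
```

Where the rule is delivered by Group Policy or Intune, the managed setting takes precedence, so the mode has to be changed in that policy rather than locally.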

The tech giant has also outlined steps customers can take to recover deleted Windows shortcuts. It said this works for “a significant subset of the affected applications that were deleted”. The steps are provided in a PowerShell script, with Version 1.1 available on GitHub.

Microsoft has provided Microsoft Defender advanced hunting queries (AHQs) to help administrators find shortcuts that have been affected by the rule “Block Win32 API calls from Office macro”. There are three AHQs in total:

  • The first retrieves block events from devices running the ASR rule which has block mode enabled
  • The second retrieves events from devices running the ASR rule, which have enabled both block and audit mode
  • The third AHQ retrieves the number of devices running the ASR rule and finds out whether or not it exceeds 10,000 devices

Some administrators have voiced concerns about the scripts provided by Microsoft, claiming that they don’t report all the shortcuts that have been lost.

“We have many devices that have lost at least all office shortcuts. The AH[Q] only reports a number of them,” wrote one user on the Microsoft community site.

“This script isn’t a definitive fix, it misses many applications as discussed by others. You can’t simply customise it/add all your apps as indicated and does not really ‘restore’ anything – it just creates a new shortcut as the original folders in start menu [and] programs still exist but the shortcut is not restored there,” said one user.

“Also doesn’t address anything other than the start menu [such as] quick access [or] toolbar shortcuts. Three days on and [this is] the best Microsoft can do? And the next update is 8pm tonight UTC.”

Because users have experienced problems with the scripts, members of the community have created their own solutions and are sharing links to GitHub with their own scripts.

Tech workers have been engaged in online discussions, trying to fine-tune the crowdsourced solutions to the Windows Defender issues.

The community-built scripts lack functionality for non-English speaking countries; however, a large list of applications has been added, with more being added throughout Monday.

At the time of writing, major applications from Microsoft, Adobe, Google, Mozilla, Dell, Nvidia, RingCentral, and many more are supported, with users reporting positive results.


Some parts of this article are sourced from:
www.itpro.co.uk
