• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Microsoft releases scripts to restore shortcuts deleted in faulty Windows Defender update

You are here: Home / General Cyber Security News / Microsoft releases scripts to restore shortcuts deleted in faulty Windows Defender update
January 16, 2023

Windows 11 and Windows 11 displayed on two different laptops

Getty Pictures

Microsoft has introduced scripts in an try to enable buyers repair an issue brought about by a faulty Windows Defender update issued on 13 January.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The tech giant pushed a Microsoft Defender for Endpoint update which triggered buyers to experience a “series of fake good detections” for the Attack Area Reduction (ASR) rule: ‘Block Win32 API calls from Business office macro’. The consequence had the unintended result of deleting Windows shortcut (.lnk) information, and only influenced update builds among 1.381.2134. and 1.381.2163..

Microsoft released guidelines on 14 January detailing how to enable procedure directors restore shortcuts that ended up accidentally deleted by the update. Very first, the tech huge is advising clients to update to develop 1.381.2164. or later on. Having said that, this will not restore deleted information.

When the update was to begin with deployed and technique administrators were hunting for methods to repair service their devices, one of the instructed fixes prompt by administrators was to change “Block Get32 calls from Office macros” into audit manner. Microsoft has now said this can safely be turned again into block mode once the new update has been put in and deployed.

The tech large has also outlined measures clientele can acquire to retrieve deleted Windows shortcuts. It mentioned this works for “a substantial subset of the impacted apps that ended up deleted”. The measures are presented in a PowerShell script, with Edition 1.1 offered on GitHub.

Microsoft has delivered Microsoft Defender innovative searching queries (AHQs) to assistance administrators uncover shortcuts that have been influenced by the rule “Block Acquire32 API phone calls from Office environment macro”. There are a few AHQs in overall:

  • The initially retrieves block occasions from products running the ASR rule which has block method enabled
  • The second retrieves occasions from products jogging the ASR rule, which have enabled both block and audit manner
  • The third AHQ retrieves the quantity of equipment managing the ASR rule and finds out whether or not it exceeds 10,000 equipment
  • Some administrators have voiced issues about the scripts delivered by Microsoft, professing that they never report all the shortcuts that have been shed.

    “We have many equipment that have shed at the very least all workplace shortcuts. The AH[Q] only stories a number of of them,” wrote one person on the Microsoft group web site. 

    “This script isn’t a definitive fix, it misses numerous applications as talked over by other individuals. You can’t simply just customise it/include all your apps as indicated and does not genuinely ‘restore’ something – it just generates a new shortcut as the unique folders in commence menu [and] programs still exist but the shortcut is not restored there,” claimed one person.

    “Also isn’t going to address something other than the get started menu [such as] speedy obtain [or] toolbar shortcuts. Three days on and [this is] the best Microsoft can do? And the subsequent update is 8pm tonight UTC.”

    Because buyers have professional challenges with the scripts, customers of the local community have developed their own answers and are sharing backlinks to GitHub with their possess scripts.

    Tech personnel have been engaged in on the net conversations, seeking to wonderful-tune the crowdsourced remedies to the Windows Defender issues. 

    The local community-designed scripts are lacking in operation for non-English speaking countries, even so, a substantial record of purposes have been added with additional currently being included all over Monday.

    At the time of creating, significant programs from Microsoft, Adobe, Google, Mozilla, Dell, Nvidia, RingCentral, and a lot of much more are supported with buyers reporting good outcomes.


    Some components of this report are sourced from:
    www.itpro.co.uk

    Previous Post: «raccoon and vidar stealers spreading via massive network of fake Raccoon and Vidar Stealers Spreading via Massive Network of Fake Cracked Software

    Reader Interactions

    Leave a Reply Cancel reply

    Your email address will not be published. Required fields are marked *

    Primary Sidebar

    Report This Article

    Recent Posts

    • Microsoft releases scripts to restore shortcuts deleted in faulty Windows Defender update
    • Raccoon and Vidar Stealers Spreading via Massive Network of Fake Cracked Software
    • A Secure User Authentication Method – Planning is More Important than Ever
    • CISA Warns for Flaws Affecting Industrial Control Systems from Major Manufacturers
    • Hackers Hijack NortonLifeLock Customer Accounts
    • New Backdoor Created Using Leaked CIA’s Hive Malware Discovered in the Wild
    • US Court Orders $17m Be Given to BitConnect Victims
    • TikTok Fined Over $5m for Cookie Violations
    • Guide to Building Secure, Compliant Containerswww.drata.comContainer Security / DevSecOpsA guide to improving container security posture for cloud-first organizations. Download it now.
    • Malware Attack on CircleCI Engineer’s Laptop Leads to Recent Security Incident

    Copyright © TheCyberSecurity.News, All Rights Reserved.