Microsoft Defender scares admins with Emotet false positives

Microsoft Defender for Endpoint is currently blocking Office documents from being opened and some executables from launching due to a false positive tagging the files as potentially bundling an Emotet malware payload. Windows system admins are reporting [, , , , ] that this is happening since updating Microsoft’s enterprise endpoint security platform (previously known as Microsoft Defender ATP) definitions to version 1.353.1874.When triggered, Defender for Endpoint will block the file from opening and throw an error mentioning suspicious activity linked to Win32/PowEmotet.SB or Win32/PowEmotet.SC.

Link: Microsoft Defender scares admins with Emotet false positives
via http://www.bleepingcomputer.com

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: