New
#1
What is this odd security warning?
I started getting odd warnings like the one posted below from Defender on my desktop PC and shortcuts being deleted. I then recovered a Reflect backup from 23 Dec well before this started happening today but started getting the warning posted below and shortcuts deleted again. I'm mystified what this is due and how to recover.
Update - To save you reading the rest of this thread, this issue and deleted shortcuts on the taskbar, desktop (including nested folders) and the start menu are due to a spectacular cockup by Microsoft on Friday 13th. A bad Defender signature (1.381.2140.0) released yesterday (now pulled) caused the ASR rule (Rule ID: 92e97fa1-2edf-4476-bdd6-9dd0b4dddc7b) to misbehave and trigger against users' app shortcuts, falsely tagging them as malicious. The deleted shortcuts will need to be reinstated manually or you can recover from a recent backup.
Microsoft advise This issue is resolved in security intelligence update build 1.381.2164.0. Installing security intelligence update build 1.381.2164.0 or later should prevent the issue, but it will not restore previously deleted shortcuts
I'm going to recover from a recent Reflect backup and disconnect from the internet whilst I restore Defender settings to default using Config Defender where I had set some aggressive ASR rules.
So much for Microsoft's QA
Last edited by Steve C; 14 Jan 2023 at 03:38.