Defender update deletes Windows Start menu and Taskbar shortcuts – Software


An update pushed to Microsoft’s Defender for Endpoints anti-malware utility has deleted application and utility shortcuts for Windows users worldwide, ahead of the weekend.

A Defender signature update, version 1.381.2140.0, contained an Attack Surface Reduction (ASR) rule named “Block Win32 API calls from Office macro”, 

Microsoft has confirmed that it is a faulty rule that deleted the Start menu and Taskbar shortcuts, and said the issue has now been resolved, referring users to item MO4977128 in the admin centre portal.

Users have published workarounds to remedy the issue, but applying them appear to be onerous for administrators.

It is possible to use Microsoft’s InTune utility to restore shortcuts, icons and apps, but admins are complaining that the process is too slow and that they will have to spend days to manually repair each affected computer.

A large number of users and administrators have reported that icons and application shortcuts were deleted from the Start menu and Taskbar, although the exact number is not known.

ASRs were introduced with the Microsoft Defender Antivirus in Windows 10, version 1709, with the full set of rules only available to customers with an Enterprise license.





Source link