A Microsoft warned this Wednesday (29) users of the Windows operating system that a bug in the antivirus causes Defender to mark safe links as a virus. The company announced the problem on Twitter and said it is already aware of the case.
As a result, system administrators will receive a much higher volume of these fake email security alerts. According to the Redmond company, the issue can be traced to “DZ534539” in the Microsoft 365 Admin Center portal.
We’re investigating an issue where legitimate URL links are being incorrectly marked as malicious by the Microsoft Defender service. Additionally, some of the alerts are not showing content as expected. Further details can be found under DZ534539 within the admin center.
— Microsoft 365 Status (@MSFT365Status) March 29, 2023
The company highlighted that engineers are investigating what generates the false positive and are reviewing service monitoring telemetry to create a fix. Safe Links Alert is a native feature of Microsoft Defender.
It is worth noting that the purpose of this resource is to protect the organization against phishing and other types of cyber attacks that can compromise data security, with a additional layer of protection against malicious links.
When activated, the resource checks all links in email messages, for example, for suspicious activity. When a URL link is considered suspicious, Defender then displays a warning to the user, alerting them to the potential risk during access.
There is no forecast for the release of the bug fix.