Forum Discussion
micheleariis
Jan 13, 2023 Steel Contributor
Antivirus deletes all shortcuts from the desktop
After this morning's update of security intelligence to version 1.381.2140.0, Defender is deleting on all clients all links to applications; does anyone have the same problem?
Shayanlarkbury
Jan 13, 2023 Copper Contributor
Have the same exact issue, but we do not even have the Block Win32 API Calls from Office Macro configured within our ASR rules, so very frustrated to be in this position.
To force the point, I have created a new rule and set Block Win32 API Calls from Office Macro to Audit mode.
Hoping this calms things down.
- jpatounas
Jan 13, 2023 Copper Contributor
Setting the ASR rule to audit instead of block is a big security risk.
Just don't do it. Wait until a fix is released. I hope MS will push the fix soon.
Great job on Friday the 13th though 🙂
- Sean Hodgkinson
Jan 13, 2023 Copper Contributor
That's the official Microsoft line .. had that from support on an email. Never realised Friday 13th .. nightmare
- micheleariis
Jan 13, 2023 Steel Contributor
Me too; the damage is already done
- phillipank
Jan 13, 2023 Copper Contributor
Shayanlarkbury, where are you creating this rule?
- Shayanlarkbury
Jan 13, 2023 Copper Contributor
Endpoint Manager > Endpoint Security > Attack Surface Reduction > Create a Policy here.
As in the trailing comments. Hoping once MS resolves this problem, we can switch this policy back to block...
- micheleariis
Jan 13, 2023 Steel Contributor
I find it inconceivable that they recommend disabling such an important rule until they fix the problem