SOLVED

Defender for endpoint incorrect malware reporting on security portal

Copper Contributor

We have few machines which had malware at the time of defender AV scan and the same was remediated by defender AV and an alert was generated on security portal. However it's been many days since malware was detected and remediated but the alert for this device still appears on security portal.

When checking the alert details it shows old alert only. 

Is this something related to incorrect defender for Endpoint reporting or do we need to check something else.

2 Replies
best response confirmed by Cloud0009 (Copper Contributor)
Solution

@Cloud0009 We have a similar case opened with MS support where the portal is reporting old malware still active as alerts but nothing related on the actual device events or alerts. MS support mentioned that this was a bug and is expected to get fixed by this week

@ambarish Thanks a lot for your inputs
1 best response

Accepted Solutions
best response confirmed by Cloud0009 (Copper Contributor)
Solution

@Cloud0009 We have a similar case opened with MS support where the portal is reporting old malware still active as alerts but nothing related on the actual device events or alerts. MS support mentioned that this was a bug and is expected to get fixed by this week

View solution in original post