Aug 31 2022 09:10 PM
We have few machines which had malware at the time of defender AV scan and the same was remediated by defender AV and an alert was generated on security portal. However it's been many days since malware was detected and remediated but the alert for this device still appears on security portal.
When checking the alert details it shows old alert only.
Is this something related to incorrect defender for Endpoint reporting or do we need to check something else.
Sep 05 2022 07:34 PM
Solution@Cloud0009 We have a similar case opened with MS support where the portal is reporting old malware still active as alerts but nothing related on the actual device events or alerts. MS support mentioned that this was a bug and is expected to get fixed by this week
Sep 06 2022 01:35 AM
Sep 05 2022 07:34 PM
Solution@Cloud0009 We have a similar case opened with MS support where the portal is reporting old malware still active as alerts but nothing related on the actual device events or alerts. MS support mentioned that this was a bug and is expected to get fixed by this week