Microsoft Defender Bug Triggers False Malware Alerts for DigiCert Certificates
Briefly

"The false positive, tied to detections for Trojan:Win32/Cerdigent.A!dha, caused Defender to flag legitimate DigiCert root certificates as malicious after an April 30 signature update."
"The unexpected alerts caused confusion among users and IT teams, as certificate-based detections are often associated with serious compromises."
"Microsoft later clarified the detections were introduced in response to a DigiCert security incident involving compromised code-signing certificates."
A Microsoft Defender update on April 30 caused legitimate DigiCert root certificates to be flagged as malware, disrupting trust stores for IT teams. The false positive was linked to detections for Trojan:Win32/Cerdigent.A!dha, leading to the removal of trusted certificates from Windows systems. This incident created confusion among users, as many treated the alerts as signs of real infections, resulting in unnecessary actions like full system rebuilds. Microsoft later clarified that the detections were related to a DigiCert security incident involving compromised code-signing certificates.
Read at TechRepublic