Microsoft releases an official fix for the Windows Defender bug
Microsoft has released KB4052623, an update that addresses an issue with Windows Defender that was preventing scans from running properly.
While a workaround had been suggested by some, now there is an official fix available which should banish the "Windows Defender skipped an item due to exclusions or network protection settings" error message.
The KB4052623 update -- also referred to as "Update for Windows Defender antimalware platform" -- is available for Windows 10, Windows Server 2019 and Windows Server 2016. While the description for the update does not give any details about what it addresses, Günter Born -- who wrote about the bug itself and the workaround -- reports that he has been contacted by people who had been affected by the Windows Defender error who say the problems have vanished.
Microsoft notes some known issues with the update that are worth being aware of:
- New file path
Because of a change in the file path location in the update, many downloads are blocked when AppLocker is enabled.
To work around this issue, open Group Policy, and then change the setting to Allow for the following path:
- Secure Boot issue in version 4.18.1901.7
Some devices that are running Windows 10 do not start if they have Secure Boot turned on.
We are working on this issue and plan to provide a fix in a future update. To work around this issue in the meantime, follow these steps:
- Restart the device, and enter the BIOS.
- Turn off Secure Boot, and then restart the device again.
- In an administrative Command Prompt window, run the following command:
  "%programdata%\Microsoft\Windows Defender\Platform\4.18.1901-7\MpCmdRun.exe" -revertplatform
- Wait for one minute, and then do the following:
  - Run sc query windefend to verify that the Windows Defender service is running.
  - Run sc qc windefend to verify that the Windows Defender binary no longer points to version 4.18.1901.7.
- Restart the device, re-enter the BIOS, and then turn on Secure Boot.
- High network traffic observed
Enterprises that use Network Protection in either Audit or Block mode may experience greater than expected network traffic departing their networks to Microsoft Defender SmartScreen-associated domains. This affects customers who are running version 4.18.2001.10. We are working on a service update to address this issue. In the interim, you can work around this issue by temporarily disabling Network Protection.
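The two verification steps in the Secure Boot workaround above (sc query windefend and sc qc windefend) can be scripted before Secure Boot is turned back on. The PowerShell below is an added example, not part of Microsoft's guidance or the original article; it reads the same service state and binary path through the Win32_Service CIM class. The function names are hypothetical and the sample paths are constructed, including the assumption that a reverted service path contains no Platform folder.

```powershell
# Added example (not Microsoft's code): check that the -revertplatform step took effect.
# Affected platform version, as stated in the known-issue text.
$AffectedVersion = '4.18.1901.7'

function Get-DefenderPlatformVersion {
    param([Parameter(Mandatory)][string]$PathName)
    # The platform build is a folder name under ...\Windows Defender\Platform\.
    # The folder can be written with a hyphen (4.18.1901-7), so normalise '-' to '.'.
    if ($PathName -match '\\Platform\\(?<ver>[0-9][0-9.\-]*)\\') {
        return ($Matches['ver'] -replace '-', '.')
    }
    # No Platform folder in the path: assumed to be the in-box binary.
    return $null
}

function Test-DefenderReverted {
    param(
        [Parameter(Mandatory)][string]$State,
        [Parameter(Mandatory)][string]$PathName
    )
    $version = Get-DefenderPlatformVersion -PathName $PathName
    $running = ($State -eq 'Running')
    [pscustomobject]@{
        ServiceRunning  = $running                            # the sc query check
        PlatformVersion = $version
        StillAffected   = ($version -eq $AffectedVersion)     # the sc qc check
        SafeToReenable  = $running -and ($version -ne $AffectedVersion)
    }
}

# Constructed samples (hypothetical paths), so the logic can be read without a live host.
$before = '"C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1901-7\MsMpEng.exe"'
$after  = '"C:\Program Files\Windows Defender\MsMpEng.exe"'
Test-DefenderReverted -State 'Running' -PathName $before   # StillAffected = True
Test-DefenderReverted -State 'Running' -PathName $after    # SafeToReenable = True

# Live check on the local machine.
$svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='WinDefend'"
if (-not $svc) { throw 'WinDefend service not found on this machine.' }
$result = Test-DefenderReverted -State $svc.State -PathName $svc.PathName
$result
if (-not $result.SafeToReenable) {
    Write-Warning 'Service is not running or still points at the affected platform version.'
}
```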
You can grab KB4052623 from Windows Update, or the Microsoft Update Catalog.