Microsoft Defender Antivirus flags harmless text as a virus: what happened?
A recent bug in Microsoft Defender, where a text file with the phrase "This content is no longer available" was incorrectly identified and removed as a threat, demonstrates the need for continued improvements to antivirus programs.
False positive
Text phrase detection
The usual phrase in Russian "This content is no longer available" led to an unexpected Microsoft Defender triggered. It was enough to create a text file with such content in Notepad and save it, and the antivirus regarded it as a Trojan threat and deleted it from the system. However, if other characters were added to the file, no false detection occurred.
Cause of false positive
After preliminary analysis of Twitter users, it was revealed that the cause of false positive became a SHA-256 collision. This text string was previously used in some threats, which caused Windows Defender to trigger.
Previous problems with Defender
This error is not the first time that Microsoft Defender has had problems. In 2020, the antivirus was actually broken due to an update error, and in 2019 another critical vulnerability was fixed. However, other than these cases, Microsoft Defender is still considered a fairly reliable antivirus solution.
Glossary
- Microsoft Defender is a built-in antivirus in the Windows operating system from Microsoft, designed to detect and eliminate malicious software.
- Twitter is a popular social network for exchanging short text messages.
- SHA-256 is a cryptographic hash function used to verify data integrity.
Links
- https://x.com/rari_teh/status/1804261134146355428
- https://www.tomshardware.com/software/antivirus/microsoft-defender-flags-text-file-containing-this-content-is -no-longer-available-as-a-severe-threat
Answers to questions
How effective is the built-in Windows Defender antivirus for the average user?
What was the problem with Defender discovered by X Twitter yappy?
What was the suspected cause of the Defender false alarm?
Was this the first time you've had problems with Windows Defender?
Is Windows Defender a reliable antivirus solution despite the problems found?
Hashtags
Save a link to this article
Discussion of the topic – Microsoft Defender Antivirus flags harmless text as a virus: what happened?
In rare cases, Windows' built-in antivirus, Microsoft Defender, may mistakenly identify a harmless text file as a virus threat, as demonstrated by a recent incident involving Twitter user yappy.
Latest comments
8 comments
Write a comment
Your email address will not be published. Required fields are checked *
ДмитрийУкраина
Interestingly, Defender triggered due to a string previously used in the malware. Although, of course, false positives are not ideal. 🤔
АннаФранция
This is a really strange situation. But I'm glad Microsoft is fixing bugs like this. Overall, Defender is a good antivirus for the average user. 👍
ЯнПольша
Ha, funny situation! It’s interesting how a text file with such a phrase could trigger the antivirus. Hopefully Microsoft will fix this issue. 😄
ГригорийУкраина
These antivirus trends make me laugh. Why use Defender at all when there are free and more reliable alternatives? 🙄 It's better to avoid problems from the very beginning.
ЮлияИталия
I agree, @GrigoryUkraine, but many users prefer built-in solutions. The main thing is that Microsoft admits the mistakes and is working to fix them. 💻
МануэльИспания
Yeah, hash collision is a fun thing! 😆 But it seems the problem is not too serious. I'm glad that Microsoft is closely monitoring security.
ЭрихГермания
It's a little concerning that Defender reacts too aggressively to harmless text files. But in general, it is suitable for basic protection. At least it's better than nothing. 🛡️
ДжейсонАнглия
Hah, funny Defender bug! But I agree with @JuliaItaly, it's good that Microsoft is working on fixing problems like this. 💪