![]() ![]() Sources told us Microsoft halted the update before it reached users in North America. Those who didn't have the "Block Win32 API call from Office macro" turned on in block mode or didn't update to the builds 1.381.2134.0, 1.381.2140.0, 1.381.2152 and 1.381.2163.0 were not hit by the mess. It means block mode could be safely turned on however, crucially, this will not restore deleted files. ![]() Microsoft is currently advising customers to update to 1.381.2164.0 (the latest updated security intelligence build) or later. There are thousands of administrators across the globe now having to repair their environments, which is causing a major impact on productivity These detections resulted in the deletion of files that matched the incorrect detection logic primarily impacting Windows shortcut (.lnk) files." "Windows Security and Microsoft Defender for Endpoint customers may have experienced a series of false positive detections for the Attack Surface Resolution (ASR) rule 'Block Win32 API calls from Office macro' after updating to security intelligence builds between 1.381.2134.0 and 1.381.2163.0. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |