Microsoft Defender, Windows’ built-in antivirus, is considered reliable enough that the average user does not need a third-party program. Error, detected by Twitter user X yappy, demonstrates that sometimes Defender is overzealous in its function.
A text file with the phrase «This content is no longer available.» («This content is no longer available») can lead to a false positive. All you need to do is create a text file with this content and an arbitrary name in Notepad and save it. Microsoft Defender instantly marks it as a Trojan and removes it from the system (the author of the news did not work). If other characters are added to the file, no false detection occurs.
After some preliminary research, yappy and some other X Twitter users concluded that the false positive was caused by a SHA-256 collision. Most commentators now agree that the text string has been used in several previous threats, which is what triggers Windows Defender.
This bug is not the first time Defender has had problems. Microsoft actually broke it in 2020 due to an update bug, and another critical bug was fixed in 2019. However, apart from these cases, Microsoft Defender can still be considered a good antivirus.
Source: Tom`s Hardware
Spelling error report
The following text will be sent to our editors: