Microsoft Defender for Endpoint has been blocking opening some Office documents since Tuesday because it gives a false positive for the Emotet malware. The problem seems to be happening since version 1.353.1874.0.
Since Tuesday, many system administrators have Issues With Windows Defender for Endpoint, BleepingComputer reports. The program believes that it recognizes the Emotet malware payload in Excel files or other Office applications that use MSIP.ExecutionHost.exe, Reports user. The computer was able to produce the false positive results.
Microsoft Defender for Endpoint blocks opening a file if it is flagged with a false positive. This prevents users from accessing their files if the program thinks it recognizes malware.
A Microsoft spokesperson said it is working on a solution. Cloud-connected clients should have no problem anymore. The company did not provide further details on how the issue occurred.
Emotet is a notorious type of malware that has been spread via Word documents, among other things. Malware was presented by criminals as malware-as-a-service and as a result it was widely used. Earlier this month, the malware was reintroduced after months of silence Energetic.
“Lifelong zombie fanatic. Hardcore web practitioner. Thinker. Music expert. Unapologetic pop culture scholar.”