Сlarity and Trust – We take pride in being the site where you can feel free to express your opinion and leave feedback. Whenever you click on the websites of products reviewed by us, we participate in the revenue sharing and get commissions that help us maintain our project. Read more about how we work.

Microsoft Defender Scanner for Log4j Problems finds non-existent bugs

Now Reading
Microsoft Defender Scanner for Log4j Problems finds non-existent bugs

The media reports that Microsoft Defender for Log4j problems is showing false warnings about some kind of “sensor hack” associated with the recently deployed Microsoft 365 Defender scanner for Log4j processes.

According to Bleeping Computer, such warnings mostly appear on Windows Server 2016 systems and says: “Microsoft Defender for Endpoint has detected possible sensor tampering with memory.” These warnings apply to the OpenHandleCollector.exe process.

Microsoft Defender for Log4j problems

Microsoft representatives have already told outraged administrators that there is really nothing to worry about, as these are false positives. It is known that at the present time the company’s engineers are already studying the problem and are working on a patch, which should soon be released for all systems affected by the problem.

This is part of our activity to find instances of Log4J on disk. Our team is already analyzing why a warning appears because of this (of course, it should not be so).<span class="su-quote-cite">the company explains.</span>

This newly launched Log4j scanner has been deployed with the new consolidated Log4j dashboard of Microsoft Defender 365 Threat and Vulnerability Management Portal, Microsoft said Tuesday.

The new dashboard is designed to help customers identify and remediate files, software, and devices that are susceptible to attacks that exploit Log4j vulnerabilities.

Journalists note that administrators are most likely already accustomed to the oddities in Microsoft Defender for Endpoint. After all, he previously marked Office documents as Emotet payloads, reported that network devices were infected with Cobalt Strike, and considered Chrome updates to be PHP backdoors.

Yes, and we noted the problems and features of this antivirus software, for example, we wrote that Microsoft Defender for Endpoint and Kaspersky doesn’t start after Windows update.

And also, for example, we wrote that Windows Defender creates thousands of files in Windows 10 due to bug.

What's your reaction?
Love It
Like It
Want It
Had It
Hated It
About The Author
Vladimir Krasnogolovy
Leave a response

Leave a Response