Security News > 2020 > August > Windows Defender Detected Citrix Services as Malware
Windows Defender has caused problems for some Citrix customers after deleting two services incorrectly detected as malware.
Windows Defender users who installed the update may have had their Citrix Broker and HighAvailability services on Delivery Controllers and Cloud Connectors deleted after they were erroneously detected as a trojan.
According to Citrix, impacted users may notice that the Broker service is no longer available in the Services console, that the BrokerService.
Microsoft has released antivirus definition update 1.321.1341.0 to address the problem and Citrix has provided instructions on how to remove the buggy update and install the new one.
Citrix has also shared workarounds that can be used to restore impacted files and prevent Windows Defender from detecting them as malware.
News URL
Related news
- CISA warns of Windows flaw used in infostealer malware attacks (source)
- Windows users targeted with fake human verification pages delivering malware (source)
- New Windows Malware Locks Computer in Kiosk Mode (source)
- North Korean ScarCruft Exploits Windows Zero-Day to Spread RokRAT Malware (source)
- Russia targets Ukrainian conscripts with Windows, Android malware (source)