Security News > 2020 > August > Windows Defender Detected Citrix Services as Malware
Windows Defender has caused problems for some Citrix customers after deleting two services incorrectly detected as malware.
Windows Defender users who installed the update may have had their Citrix Broker and HighAvailability services on Delivery Controllers and Cloud Connectors deleted after they were erroneously detected as a trojan.
According to Citrix, impacted users may notice that the Broker service is no longer available in the Services console, that the BrokerService.
Microsoft has released antivirus definition update 1.321.1341.0 to address the problem and Citrix has provided instructions on how to remove the buggy update and install the new one.
Citrix has also shared workarounds that can be used to restore impacted files and prevent Windows Defender from detecting them as malware.
News URL
Related news
- Detecting Windows-based Malware Through Better Visibility (source)
- Microsoft fixes two Windows zero-days exploited in malware attacks (source)
- Researchers claim Windows Defender can be fooled into deleting databases (source)
- Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware (source)
- Microsoft fixes Windows zero-day exploited in QakBot malware attacks (source)