Security News > 2023 > March > Microsoft Defender mistakenly tagging URLs as malicious
Microsoft Defender is mistakenly flagging legitimate links as malicious, and some customers have already received dozens of alert emails since the issues began over five hours ago.
"We're investigating an issue where legitimate URL links are being incorrectly marked as malicious by the Microsoft Defender service. Additionally, some of the alerts are not showing content as expected," Microsoft said.
"We've confirmed that users are still able to access the legitimate URLs despite the false positive alerts. We're investigating why and what part of the service is incorrectly identifying legitimate URLs as malicious."
In an update added to the Microsoft 365 Admin Center portal, Redmond confirmed that admins would likely receive an increased number of high-severity alert email messages saying that 'A potentially malicious URL click was detected.
"We're reviewing service monitoring telemetry to isolate the root cause and develop a remediation plan," Microsoft added.
Earlier today, Redmond issued another service degradation advisory via the admin center portal, notifying admins that the alerts and Incidents pages might be inaccessible.