Microsoft Defender mistakenly tagging URLs as malicious.
Microsoft Defender is mistakenly flagging legitimate links as malicious, and some customers have already received dozens of alert emails since the issues began over five hours ago.
As the company confirmed earlier today on Twitter, its engineers are investigating this service incident as a false positive.
“We’re investigating an issue where legitimate URL links are being incorrectly marked as malicious by the Microsoft Defender service.
Additionally, some of the alerts are not showing content as expected,” Microsoft said.
To stay up to date with latest top stories, make sure to subscribe to this YouTube channel by clicking the button above this video!
“We’ve confirmed that users are still able to access the legitimate URLs despite the false positive alerts.
We’re investigating why and what part of the service is incorrectly identifying legitimate URLs as malicious.”
In an update added to the Microsoft 365 Admin Center portal, Redmond confirmed that admins would likely receive an increased number of high-severity alert email messages saying that ‘A potentially malicious URL click was detected.’
The company also confirmed reports of issues accessing the alerts’ details when clicking the ‘View alerts’ link in the emails.
