Title: Users may see false positive detections in Microsoft Defender for Endpoint
User impact: Users may have seen false positive detections in Microsoft Defender for Endpoint.
More info: This issue specifically concerned false positive detections for Trojan:Script/Wacatac.B!ml, Trojan:Win32/Wacatac.B!ml, Program:Win32/Wacapew.C!ml, and PUA:Win32/Puwaders.C!ml.
Final status: We’ve confirmed the deployment of our fix has completed and impact has been resolved for all users.
Scope of impact: This issue may have affected any user reviewing detections in Microsoft Defender for Endpoint.
Start time: Monday, April 22, 2024, at 11:00 AM UTC
End time: Monday, April 22, 2024, at 10:20 PM UTC
Root cause: A misconfiguration in our machine learning model resulted in these false positive detections.
Next steps:
– We’re continuing to investigate the misconfiguration in our machine learning model to better understand how impact manifested and prevent similar future occurrences.
