Some MacOS users of Microsoft Defender for Endpoint may receive excessive toast notifications and false positive alerts

Title: Some MacOS users of Microsoft Defender for Endpoint may receive excessive toast notifications and false positive alerts

User impact: Users of Microsoft Defender for Endpoint may have received excessive toast notifications and false positive alerts.

More info: Affected users may have been getting excessive toast notifications showing: “Send files to Microsoft?”

Some users’ clients may have also crashed upon clicking the notifications.

Final status: Our long-term fix, contained within “Platform Update” version 101.24032.0006, has completed deployment and is available to all affected users. We’ve confirmed through internal testing that all affected users who update Microsoft Defender for Endpoint to the “Platform Update” version 101.24032.0006 or newer will experience impact remediation.

Scope of impact: Any MacOS users of Microsoft Defender for Endpoint may have been affected.

Start time: Tuesday, April 16, 2024, at 5:06 AM UTC

End time: Thursday, April 18, 2024, at 7:00 PM UTC

Root cause: A recent “Security Intelligence Update,” version 1.409.314.0, to the Microsoft Defender for Endpoint libraries contained an error, leading to false positive alerts and notifications, which was resulting in impact.

Next steps:

– We’re reviewing the impacting “Security Intelligence Update” to understand how our quality assurance process didn’t identify the error prior to deployment so we can prevent similar issues from occurring in the future.

This is the final update for the event.