Websites are wrongly labelled as harmful by Microsoft Defender
Microsoft Defender has been wrongly reporting normal URLs as harmful, and some users have already received dozens of alert emails.
"We're looking into a problem where the Microsoft Defender service mistakenly flags valid URL URLs as dangerous. Moreover, some of the warnings don't display the required material "explained Microsoft.
"Despite the false positive notifications, Microsoft has verified that users may still visit the authentic URLs. We're looking into the reasons behind it and how the service might be misclassifying legal Websites as malicious."
We've confirmed that users are still able to access the legitimate URLs despite the false positive alerts. We're investigating why and what part of the service is incorrectly identifying legitimate URLs as malicious. Further details are under DX534539 within the admin center.
— Microsoft 365 Status (@MSFT365Status) March 29, 2023
Redmond stated in an upgrade to the Microsoft 365 Admin Center interface that administrators would probably start getting more high-severity alert emails stating that "A potentially dangerous Website click was detected."
The business also acknowledged reports of difficulties obtaining alert details when using the email's 'View alerts' link.
Microsoft noted, "We're looking into service monitoring telemetry to identify the main cause and create a remedy strategy. Impact is particular to any administrator served by the compromised infrastructure.
