Posts by Alex Clayton
ASRmageddon: What Happened and How We Responded
On January 13th, Microsoft deployed a new definitions update for Microsoft Defender. This caused an issue for some users, as Defender began to flag and delete shortcuts in the “C:\ProgramData\Microsoft\Windows\Start Menu\Programs” folder on devices with the Attack Surface Reduction (ASR) rule “Block Win32 API calls from Office macro” set to Block. The widespread nature of this…
Read More