Microsoft Defender classifies Microsoft Office update as potential ransomware

Windows’ own security tool, Microsoft Defender, enjoys growing popularity and repeatedly shows in tests that it can keep up even with expensive antivirus programs. This is despite the fact that there have been repeated problems in the past few years. It’s just stupid when you then classify the update of another Microsoft program, such as MS Office in this case, as malware.

Microsoft Defender blocks Office update

As first reported by the Neowin website, a recent update to Microsoft’s Office suite has been classified by Defender as possible malware and its installation blocked. Behind the executable update “OfficeSvcMgr.exe”, Microsoft Defender wrongly suspected a malicious ransomware and blocked the installation without further ado.

The case was first discovered by system administrators, who contacted Microsoft. Microsoft Defender for Endpoint had issued a security warning for ransomware, which was simply an MS Office update.

Steve Scholz, Principal Technical Specialist for Security & Compliance at Microsoft, wrote on Reddit that this “false positive” had been detected and corrected. Affected was an update for Microsoft Office that was released on March 16, 2022. All false positives from Microsoft Defender should have been corrected by now thanks to Microsoft’s cloud connection.