Microsoft Defender ASR rules remove icons and apps shortcuts from Taskbar

piquiteco

Level 14
Oct 16, 2022
624
To err is human and I understand people make mistakes but if this problem happened in the Enterprise Business edition of MD, who knows what kind of problems might occur for us lowly home edition users? I am trying to keep my faith in MD but am not so sure what to do right now.
Yes, to err is human, it happened after Microsoft released the security intelligence update build 1.381.2140.0 for Microsoft Defender for ALL windows 10 and 11 users on Jan 13th as described here -> Application shortcuts might not work from the Start menu or other locations by Microsoft. However, home users of Microsoft Defender in default settings were not affected, only if you had changed the ASR Rules in your Microsoft Defender, by the time you got the update you would be affected. The most affected were more companies that use endpoint or advanced users who changed the advanced settings like I did.
 

oldschool

Level 84
Verified
Top Poster
Well-known
Mar 29, 2018
7,577
My question is since MD is always running in the background and can still do a periodic scan even when you have a third party AV installed, would another bad MD update still cause a problem?
@piquiteco is correct, because you don't have Defender with that particular ASR rule enabled.
Or is the third party AV going to block the update? Is the third party AV a good solution to to the update problems?
Not an issue because of the above.
 
Last edited:

piquiteco

Level 14
Oct 16, 2022
624
i thought i was going mad earlier... random icons just vanished but could see in protection history the reason why (the "block win32 API calls from office Macro" ASR Rule
It's because it was Friday the 13th you forgot? On mine I didn't even see the logs, @Andy Ful commented on the logs, now that it's clear, I hope he doesn't even read my comment, I think he can literally beat me up of course. If you are going to use advanced MD settings, you have to know what you are doing. I thought I got infected by malware even after I just formatted the machine lol. :LOL:
 

Captain Holly

Level 6
Verified
Well-known
Jan 23, 2021
251
Thanks for the answers @oldschool and @piquiteco. I had hope that Defender would still be ok to use. I also hope none of us have any other problems with MS, whether with Defender or anything else. All along I have had the idea that MS does not put near the same emphasis and effort into Home edition MD as they do in Enterprise. Whether they do or do not, I am still trying to keep my faith in MS and always follow good online security, watch my step online and use common sense.

C.H.
 

Templarware

Level 10
Verified
Well-known
Mar 13, 2021
462
Like I previously said, I solved it with a system restore, but now I noticed that my Documents and Downloads folder are in english.
 
Last edited:

Azure

Level 28
Verified
Top Poster
Content Creator
Oct 23, 2014
1,714
Microsoft created a powershell script to restore the shortcuts of some applications

list is dominated by Microsoft applications, but administrators find third-party apps such as Notepad++, 7-Zip, Firefox, or Camtasia Studio as well in the listing.
Though more could be added

Administrators may modify the script to add more applications to the listing. All that is required for that is to add a new line to the list of applications array using the provided syntax (which merely is "Application Name" = "filename").

 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top