Question: Is Defender borked?


ScandinavianFish

I don't think I need to explain what's wrong if you just look at the attached picture. The first thing that came to my mind is some form of corruption. (And yes, I intentionally downloaded Process Hacker; I knew it was going to block the driver, as I've seen it happen before, but just not, well, this.) I generally reinstall the OS when something breaks; I just got curious as to what the reason could be, since I've never seen anything like this before.
[Attachment: 1c1160dc243ab25cfbd358969e2a955c.png]

Edit: I am wondering about the corrupted text after "Rule:".

ScandinavianFish

> Have you hardened Defender, using Group Policy for example, or are you using the default settings?
> That "administrator" thing is usually a consequence of making changes to Defender's settings in Group Policy. I started using DefenderUI.
I do use DefenderUI; it's why I expected it to block that driver, as I've seen that ASR rule block it before.

oldschool

> [Attachment 274636]
> This, the text is corrupted. I mentioned it in the title before an admin removed the text; I guess I expected too much that people would've noticed it in the picture.
I saw exactly what you meant and thought at first sight you spoke a different language and wondered what ASR rule that was. :LOL:

ForgottenSeer 76546

> Corruption is definitely a possibility, and it's always a good idea to be cautious when downloading third-party software. Reinstalling the OS is a smart move if you're not sure what's causing the issue. That being said, if you're feeling adventurous, you could try running some diagnostic tools to see if you can pinpoint the root cause.
Why does this text look like it was generated by an AI? Same with all their posts 🤔
 

Trident

The name of this rule, apart from having strange non-unicode UTF8 characters (which is probably why it is borked; you will need to enable support for these characters in Region/Language settings), is also grammatically incorrect. It lacks capitalisation and punctuation. The correct way to write it is:
Block Abuse of In-the-wild-exploited, Vulnerable, Signed Drivers.

The group policy is a mess overall, some rules follow heading-style capitalisation, others don’t.

Microsoft's official website seems to have it this way:
Block abuse of exploited vulnerable signed drivers

It is different from what's in the picture. My question is why?
 
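Since the rule name rendered in the toast and in Group Policy is what is garbled here, the reliable way to see which rule actually fired, and how it is configured, is to go by the rule GUID, which is language- and encoding-independent. The following is an added example, not code posted by anyone in this thread and not part of DefenderUI or Microsoft's tooling. It uses the built-in Defender PowerShell cmdlets and the Defender operational event log (event 1121 = ASR rule fired in block mode, 1122 = audit mode). It assumes an elevated session with the Defender module available; the GUID is the documented ID for "Block abuse of exploited vulnerable signed drivers", and the EventData field names (`ID`, `Path`, `Process Name`) are assumed from that event's XML and may need adjusting on other builds.

```powershell
# Added example: check an ASR rule by GUID rather than by its displayed name.
# Assumptions: elevated PowerShell, Defender module present, event field names as below.

# Documented ASR rule GUID for "Block abuse of exploited vulnerable signed drivers"
$ruleId = '56a863a9-875e-4185-98a7-b882c64b5ce5'

# Action values as returned by Get-MpPreference for AttackSurfaceReductionRules_Actions
$actionNames = @{ 0 = 'Disabled'; 1 = 'Block'; 2 = 'Audit'; 6 = 'Warn' }

function Get-AsrRuleState {
    param([Parameter(Mandatory)][string]$Id)
    # Get-MpPreference shows the effective preference, including values pushed by Group Policy
    $pref    = Get-MpPreference
    $ids     = @($pref.AttackSurfaceReductionRules_Ids)
    $actions = @($pref.AttackSurfaceReductionRules_Actions)
    for ($i = 0; $i -lt $ids.Count; $i++) {
        if ($ids[$i] -ieq $Id) {            # case-insensitive: GUID casing varies by source
            $raw = [int]$actions[$i]
            return [pscustomobject]@{ Id = $Id; Action = $actionNames[$raw]; Raw = $raw }
        }
    }
    [pscustomobject]@{ Id = $Id; Action = 'NotConfigured'; Raw = $null }
}

function Get-AsrEvents {
    param([Parameter(Mandatory)][string]$Id, [int]$Max = 50)
    # 1121 = rule fired in block mode, 1122 = rule fired in audit mode
    $events = Get-WinEvent -FilterHashtable @{
        LogName = 'Microsoft-Windows-Windows Defender/Operational'
        Id      = 1121, 1122
    } -MaxEvents $Max -ErrorAction SilentlyContinue
    foreach ($e in $events) {
        # Parse EventData into a name -> value map; field names assumed (ID, Path, Process Name)
        $xml  = [xml]$e.ToXml()
        $data = @{}
        foreach ($d in $xml.Event.EventData.Data) { $data[$d.Name] = $d.'#text' }
        if ($data['ID'] -ieq $Id) {
            [pscustomobject]@{
                Time    = $e.TimeCreated
                Mode    = if ($e.Id -eq 1121) { 'Block' } else { 'Audit' }
                Path    = $data['Path']
                Process = $data['Process Name']
                RuleId  = $data['ID']
            }
        }
    }
}

Get-AsrRuleState -Id $ruleId
Get-AsrEvents -Id $ruleId | Format-Table -AutoSize
```

If `Get-AsrRuleState` reports `Block` and `Get-AsrEvents` shows a 1121 entry for the driver path, the rule itself is working as intended and only the display string is broken, so a reinstall is not needed to fix the protection; if the rule shows `NotConfigured` while the toast still appears, the setting is coming from somewhere Get-MpPreference does not surface and the Group Policy or DefenderUI configuration is the place to look.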
