Microsoft Has Fixed Windows Defender Skipping Files Bug

A few days ago I wrote about a bug in Windows Defender, which was showing a notification regarding skipped files during a quick or full scan. While Microsoft didn't acknowledge the bug officially, the latest antimalware platform update resolves the issue.

Microsoft Defender ATP Banner

The app was showing the following notification after a Quick Scan or Full Scan, telling that some items were skipped due to an exclusion, even if you had no exclusions defined.

Windows 10 Defender Bug Skipped Files

The update includes monthly updates and fixes to the Windows Defender antimalware platform that is used by Windows Defender Antivirus in Windows 10. It is released for the following operating systems:

  • Windows 10 (Enterprise, Pro, and Home editions)
  • Windows Server 2019
  • Windows Server 2016

The update raises the engine version to 4.18.2003.8.

Windows Defender Security Version

However, the change log points to a few issues that may affect some users.

Known issues in this update

  • New file pathBecause of a change in the file path location in the update, many downloads are blocked when AppLocker is enabled.
    To work around this issue, open Group Policy, and then change the setting to Allow for the following path:

    %OSDrive%\ProgramData\Microsoft\Windows Defender\Platform\*

  • Secure Boot issue in version 4.18.1901.7 Some devices that are running Windows 10 do not start if they have Secure Boot turned on.We are working on this issue and plan to provide a fix in a future update. To work around this issue in the meantime, follow these steps:
    1. Restart the device, and enter the BIOS.
    2. Turn off Secure Boot, and then restart the device again.
    3. In an administrative Command Prompt window, run the following command:"%programdata%\Microsoft\Windows Defender\Platform\4.18.1901-7\MpCmdRun.exe" -revertplatform
    4. Wait for one minute, and then do the following:
      • Run sc query windefend to verify that the Windows Defender service is running.
      • Run sc qc windefend to verify that the Windows Defender binary no longer points to version 4.18.1901.7.
    5. Restart the device, re-enter the BIOS, and then turn on Secure Boot.

This update is available from Microsoft Update and WSUS. 

Leave a Reply

Your email address will not be published. Required fields are marked *