{"id":16252,"date":"2026-05-04T07:00:50","date_gmt":"2026-05-03T22:00:50","guid":{"rendered":"https:\/\/m365jp.net\/?p=16252"},"modified":"2026-05-04T07:01:12","modified_gmt":"2026-05-03T22:01:12","slug":"servicedegradation-dz1299600-microsoft-defender-xdr-some-users-may-receive-false-positive-alerts-from-microsoft-defender-antivirus-for-specific-certificates-5","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2026-05-04-servicedegradation-dz1299600-microsoft-defender-xdr-some-users-may-receive-false-positive-alerts-from-microsoft-defender-antivirus-for-specific-certificates-5","title":{"rendered":"[serviceDegradation] DZ1299600 | Microsoft Defender XDR | Some users may receive false positive alerts from Microsoft Defender Antivirus for specific certificates"},"content":{"rendered":"<div class=\"postie-post\">\n<div>\n<hr>\n<table id=\"section\">\n<tbody>\n<tr>\n<th width=\"95%\">DZ1299600 | Microsoft Defender XDR | Some users may receive false positive alerts from Microsoft Defender Antivirus for specific certificates<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n<hr>\n<table id=\"data\">\n<tbody>\n<tr>\n<th>Status<\/th>\n<td class=\"bad\">serviceDegradation<\/td>\n<\/tr>\n<tr>\n<th>Classification<\/th>\n<td>incident<\/td>\n<\/tr>\n<tr>\n<th>User Impact<\/th>\n<td>Users may receive false positive alerts from Defender Antivirus and see legitimate files or certificates quarantined.<\/td>\n<\/tr>\n<tr>\n<th>Last Updated<\/th>\n<td>05\/03\/2026 21:36:13<\/td>\n<\/tr>\n<tr>\n<th>Start Time<\/th>\n<td>05\/03\/2026 08:52:00<\/td>\n<\/tr>\n<tr>\n<th>End Time<\/th>\n<td><\/td>\n<\/tr>\n<tr>\n<th>Latest Message<\/th>\n<td>Title: Some users may receive false positive alerts from Microsoft Defender Antivirus for specific certificates<\/p>\n<p>  User impact: Users may receive false positive alerts from Defender Antivirus and see legitimate files or certificates quarantined.<\/p>\n<p>  More info: Users may have received an alert in Microsoft Defender Antivirus notifying them of the following alert:<br \/>  &#8220;&#8216;Cerdigent&#8217; high-severity malware was detected<br \/>  Malware: Trojan:Win32\/Cerdigent.A!dha&#8221;<\/p>\n<p>  Affected users should update to Security Intelligence Version 1.449.430.0 or a later version to remediate impact.<\/p>\n<p>  Current status: Our service continues to remain healthy following our mitigative actions; we&#8217;ve confirmed that no new false positive alerts are being sent. Our workstream to recover quarantined files and certificates is ongoing; however, more investigation   is required. We&#8217;re further analyzing the nature of quarantined files and certificates to determine our next steps.<\/p>\n<p>  Scope of impact: Some users may receive alerts in Microsoft Defender for Antivirus notifying them of false positive alerts for specific certificates.  <\/p>\n<p>  Start time: Sunday, May 03, 2026, at 9:14 AM UTC<\/p>\n<p>  Root cause: A detection logic issue in a recent Security Intelligence update caused legitimate files or certificates to be incorrectly identified as \u201cTrojan:Win32\/Cerdigent.A!dha.\u201d<\/p>\n<p>  Next update by: Monday, May 04, 2026, at 12:30 AM<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>DZ1299600 | Microsoft Defender XDR | Some users may receive false positive alerts from Microsoft Defender Anti [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-16252","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/16252","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/comments?post=16252"}],"version-history":[{"count":0,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/16252\/revisions"}],"wp:attachment":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/media?parent=16252"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/categories?post=16252"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/tags?post=16252"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}