{"id":95,"date":"2023-01-21T05:00:35","date_gmt":"2023-01-20T20:00:35","guid":{"rendered":"https:\/\/m365jp.tk\/?p=95"},"modified":"2023-01-21T05:00:57","modified_gmt":"2023-01-20T20:00:57","slug":"servicerestored-mo497128-microsoft-365-suite-some-users-are-unable-to-utilize-the-application-shortcuts-on-the-start-menu-and-taskbar","status":"publish","type":"post","link":"https:\/\/m365jp.net\/index.php\/2023-01-21-servicerestored-mo497128-microsoft-365-suite-some-users-are-unable-to-utilize-the-application-shortcuts-on-the-start-menu-and-taskbar","title":{"rendered":"[serviceRestored] MO497128 | Microsoft 365 suite | Some users are unable to utilize the Application shortcuts on the Start menu and taskbar"},"content":{"rendered":"
\n
\n
\n\n\n\n
MO497128 | Microsoft 365 suite | Some users are unable to utilize the Application shortcuts on the Start menu and taskbar<\/th>\n<\/tr>\n<\/tbody>\n<\/table>\n
\n\n\n\n\n\n\n\n\n\n\n\n
Status<\/th>\nserviceRestored<\/td>\n<\/tr>\n
Classification<\/th>\nadvisory<\/td>\n<\/tr>\n
Event Type<\/th>\nUpdate<\/td>\n<\/tr>\n
User Impact<\/th>\nUsers were unable to utilize the Application shortcuts on the Start menu, taskbar, and desktop.<\/td>\n<\/tr>\n
Last Updated<\/th>\n1\/20\/2023 7:48:37 PM<\/td>\n<\/tr>\n
Start Time<\/th>\n1\/13\/2023 11:43:47 AM<\/td>\n<\/tr>\n
End Time<\/th>\n1\/19\/2023 6:47:00 AM<\/td>\n<\/tr>\n
Latest Message<\/th>\nTitle: Some users are unable to utilize the Application shortcuts on the Start menu and taskbar<\/p>\n

User Impact: Users were unable to utilize the Application shortcuts on the Start menu, taskbar, and desktop.<\/p>\n

More info: Shortcut icons in the Start menu, taskbar, or desktop may have no longer been visible or may not have worked as intended. Additionally, for some users, they may have received errors when trying to run Executable (.exe) files, if they had dependencies on an affected shortcut file path. Further information remains published here: github.com\/microsoft\/MDE-PowerBI-Templates\/blob\/master\/ASR_scripts\/ASR_rule_Block_Win32_API_calls_from_Office_Macro_issue_Q%26A.md<\/a> <\/p>\n

We’ve completed an update deployment within the security intelligence build(s) 1.381.2164.0 and later, on Friday, January 13, 2023, at 6:03 PM UTC. This fix update did not restore previously removed shortcut files, but it did prevent any additional shortcut files from being removed by the incorrect detection logic. <\/p>\n

Customers are encouraged to update Microsoft Defender to build 1.381.2164.0 or later.
– Customers utilizing automatic updates for Microsoft Defender antivirus do not need to take additional action to receive the updated security intelligence build.
– Administrators who manage updates directly can download the latest update and deploy it across their environment(s), more information here: www.microsoft.com\/en-us\/wdsi\/defenderupdates<\/a><\/p>\n

Final status: We previously completed an update deployment within the security intelligence build(s) 1.381.2164.0 and later, on Friday, January 13, 2023, at 6:03 PM UTC, which has corrected the behavior. Customers are encouraged to update Microsoft Defender to build 1.381.2164.0 or later. Further updates regarding this issue will be made available through the Microsoft Tech Community post: aka.ms\/asrfprecovery<\/a>. <\/p>\n

Scope of impact: This issue may have affected users within your organization; it was not specific to Office apps and could have impacted any application’s shortcut file. There was no impact for customers who (1) did not have the ?Block Win32 API calls from Office macro? rule turned on in block mode or, (2) did not update to an affected security intelligence build(s) 1.381.2134.0, 1.381.2140.0, 1.381.2152, and 1.381.2163.0.<\/p>\n

Start time: Friday, January 13, 2023, at 8:51 AM UTC<\/p>\n

End time: Thursday, January 19, 2023, at 6:47 AM UTC<\/p>\n

Root cause: During a recent update to the Windows Security and Microsoft Defender for Endpoint service, user devices experienced a series of false positive detections for the Attack Surface Reduction (ASR) rule “Block Win32 API calls from Office macro” after updating to an affected security intelligence build(s) 1.381.2134.0, 1.381.2140.0, 1.381.2152, and 1.381.2163.0. These detections resulted in the identification of certain Windows shortcut (.lnk) files that matched the incorrect detection pattern and were subsequently removed.<\/p>\n

Next steps:
– We’re improving our testing and deployment procedures to reduce the possibility of broad impact during scenarios related to this.
– We’re making improvements to our detection behaviors, to further reduce the time to detection for related scenarios.
– We?re incorporating additional updates to prevent the incorrect removal of files not intended to be within scope for the ASR scan logic.<\/p>\n

We?ll publish a post-incident report within five business days.<\/td>\n<\/tr>\n

\u6a5f\u68b0\u7ffb\u8a33<\/th>\n\u30bf\u30a4\u30c8\u30eb:\u4e00\u90e8\u306e\u30e6\u30fc\u30b6\u30fc\u306f\u3001[\u30b9\u30bf\u30fc\u30c8]\u30e1\u30cb\u30e5\u30fc\u3068\u30bf\u30b9\u30af\u30d0\u30fc\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u30b7\u30e7\u30fc\u30c8\u30ab\u30c3\u30c8\u3092\u5229\u7528\u3067\u304d\u307e\u305b\u3093<\/p>\n

\u5f71\u97ff:\u30e6\u30fc\u30b6\u30fc\u306f\u3001[\u30b9\u30bf\u30fc\u30c8] \u30e1\u30cb\u30e5\u30fc\u3001\u30bf\u30b9\u30af\u30d0\u30fc\u3001\u304a\u3088\u3073\u30c7\u30b9\u30af\u30c8\u30c3\u30d7\u306e\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u30b7\u30e7\u30fc\u30c8\u30ab\u30c3\u30c8\u3092\u4f7f\u7528\u3067\u304d\u307e\u305b\u3093\u3067\u3057\u305f\u3002<\/p>\n

\u8a73\u7d30\u60c5\u5831: [\u30b9\u30bf\u30fc\u30c8] \u30e1\u30cb\u30e5\u30fc\u3001\u30bf\u30b9\u30af \u30d0\u30fc\u3001\u307e\u305f\u306f\u30c7\u30b9\u30af\u30c8\u30c3\u30d7\u306e\u30b7\u30e7\u30fc\u30c8\u30ab\u30c3\u30c8 \u30a2\u30a4\u30b3\u30f3\u304c\u8868\u793a\u3055\u308c\u306a\u304f\u306a\u3063\u305f\u304b\u3001\u610f\u56f3\u3057\u305f\u3068\u304a\u308a\u306b\u6a5f\u80fd\u3057\u306a\u304b\u3063\u305f\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u3055\u3089\u306b\u3001\u4e00\u90e8\u306e\u30e6\u30fc\u30b6\u30fc\u306e\u5834\u5408\u3001\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30b7\u30e7\u30fc\u30c8\u30ab\u30c3\u30c8 \u30d5\u30a1\u30a4\u30eb \u30d1\u30b9\u306b\u4f9d\u5b58\u3057\u3066\u3044\u308b\u5834\u5408\u3001\u5b9f\u884c\u53ef\u80fd (.exe) \u30d5\u30a1\u30a4\u30eb\u3092\u5b9f\u884c\u3057\u3088\u3046\u3068\u3057\u305f\u3068\u304d\u306b\u30a8\u30e9\u30fc\u304c\u8868\u793a\u3055\u308c\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u8a73\u7d30\u60c5\u5831\u306f\u3053\u3053\u306b\u516c\u958b\u3055\u308c\u305f\u307e\u307e\u3067\u3059:https:\/\/github.com\/microsoft\/MDE-PowerBI-Templates\/blob\/master\/ASR_scripts\/ASR_rule_Block_Win32_API_calls_from_Office_Macro_issue_Q%26A.md <\/p>\n

\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9 \u30d3\u30eb\u30c9 1.381.2164.0 \u4ee5\u964d\u3067\u30012023 \u5e74 1 \u6708 13 \u65e5\u91d1\u66dc\u65e5\u306e\u5348\u5f8c 6 \u6642 3 \u5206 (UTC) \u306b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u5c55\u958b\u3092\u5b8c\u4e86\u3057\u307e\u3057\u305f\u3002\u3053\u306e\u4fee\u6b63\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u66f4\u65b0\u3067\u306f\u3001\u4ee5\u524d\u306b\u524a\u9664\u3055\u308c\u305f\u30b7\u30e7\u30fc\u30c8\u30ab\u30c3\u30c8 \u30d5\u30a1\u30a4\u30eb\u306f\u5fa9\u5143\u3055\u308c\u307e\u305b\u3093\u3067\u3057\u305f\u304c\u3001\u4e0d\u9069\u5207\u306a\u691c\u51fa\u30ed\u30b8\u30c3\u30af\u306b\u3088\u3063\u3066\u8ffd\u52a0\u306e\u30b7\u30e7\u30fc\u30c8\u30ab\u30c3\u30c8 \u30d5\u30a1\u30a4\u30eb\u304c\u524a\u9664\u3055\u308c\u308b\u306e\u3092\u9632\u304e\u307e\u3057\u305f\u3002<\/p>\n

\u304a\u5ba2\u69d8\u306f\u30011.381.2164.0 \u4ee5\u964d\u3092\u30d3\u30eb\u30c9\u3059\u308b\u3088\u3046\u306b Microsoft Defender \u3092\u66f4\u65b0\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002
– Microsoft Defender \u30a6\u30a4\u30eb\u30b9\u5bfe\u7b56\u306e\u81ea\u52d5\u66f4\u65b0\u3092\u5229\u7528\u3057\u3066\u3044\u308b\u304a\u5ba2\u69d8\u306f\u3001\u66f4\u65b0\u3055\u308c\u305f\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9 \u30d3\u30eb\u30c9\u3092\u53d7\u3051\u53d6\u308b\u305f\u3081\u306b\u8ffd\u52a0\u306e\u30a2\u30af\u30b7\u30e7\u30f3\u3092\u5b9f\u884c\u3059\u308b\u5fc5\u8981\u306f\u3042\u308a\u307e\u305b\u3093\u3002
– \u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u3092\u76f4\u63a5\u7ba1\u7406\u3059\u308b\u7ba1\u7406\u8005\u306f\u3001\u6700\u65b0\u306e\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u3092\u30c0\u30a6\u30f3\u30ed\u30fc\u30c9\u3057\u3066\u74b0\u5883\u5168\u4f53\u306b\u5c55\u958b\u3067\u304d\u307e\u3059 www.microsoft.com\/en-us\/wdsi\/defenderupdates<\/a>\u3002<\/p>\n

\u6700\u7d42\u72b6\u614b: \u4ee5\u524d\u306b\u3001\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9 \u30d3\u30eb\u30c9 1.381.2164.0 \u4ee5\u964d\u3067\u30012023 \u5e74 1 \u6708 13 \u65e5\u91d1\u66dc\u65e5\u306e\u5348\u5f8c 6 \u6642 3 \u5206 (UTC) \u306b\u66f4\u65b0\u30d7\u30ed\u30b0\u30e9\u30e0\u306e\u5c55\u958b\u3092\u5b8c\u4e86\u3057\u3001\u52d5\u4f5c\u3092\u4fee\u6b63\u3057\u307e\u3057\u305f\u3002\u304a\u5ba2\u69d8\u306f\u30011.381.2164.0 \u4ee5\u964d\u3092\u30d3\u30eb\u30c9\u3059\u308b\u3088\u3046\u306b Microsoft Defender \u3092\u66f4\u65b0\u3059\u308b\u3053\u3068\u3092\u304a\u52e7\u3081\u3057\u307e\u3059\u3002\u3053\u306e\u554f\u984c\u306b\u95a2\u3059\u308b\u305d\u306e\u4ed6\u306e\u66f4\u65b0\u306f\u3001\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8\u6280\u8853\u30b3\u30df\u30e5\u30cb\u30c6\u30a3\u306e\u6295\u7a3f aka.ms\/asrfprecovery<\/a> \u304b\u3089\u5165\u624b\u3067\u304d\u307e\u3059\u3002<\/p>\n

\u5f71\u97ff\u306e\u7bc4\u56f2: \u3053\u306e\u554f\u984c\u306f\u3001\u7d44\u7e54\u5185\u306e\u30e6\u30fc\u30b6\u30fc\u306b\u5f71\u97ff\u3092\u4e0e\u3048\u3066\u3044\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002\u3053\u308c\u306f Office \u30a2\u30d7\u30ea\u306b\u56fa\u6709\u306e\u3082\u306e\u3067\u306f\u306a\u304f\u3001\u30a2\u30d7\u30ea\u30b1\u30fc\u30b7\u30e7\u30f3\u306e\u30b7\u30e7\u30fc\u30c8\u30ab\u30c3\u30c8 \u30d5\u30a1\u30a4\u30eb\u306b\u5f71\u97ff\u3092\u4e0e\u3048\u308b\u53ef\u80fd\u6027\u304c\u3042\u308a\u307e\u3059\u3002(1)\u304c\u6301\u3063\u3066\u3044\u306a\u304b\u3063\u305f\u304a\u5ba2\u69d8\u306b\u306f\u5f71\u97ff\u306f\u3042\u308a\u307e\u305b\u3093\u3067\u3057\u305f\u304b?Office \u30de\u30af\u30ed\u304b\u3089\u306e Win32 API \u547c\u3073\u51fa\u3057\u3092\u30d6\u30ed\u30c3\u30af\u3057\u307e\u3059\u304b?\u30eb\u30fc\u30eb\u304c\u30d6\u30ed\u30c3\u30af \u30e2\u30fc\u30c9\u3067\u6709\u52b9\u306b\u306a\u3063\u3066\u3044\u308b\u304b\u3001(2) \u5f71\u97ff\u3092\u53d7\u3051\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9 \u30d3\u30eb\u30c9 1.381.2134.0\u30011.381.2140.0\u30011.381.2152\u3001\u304a\u3088\u3073 1.381.2163.0 \u306b\u66f4\u65b0\u3055\u308c\u307e\u305b\u3093\u3067\u3057\u305f\u3002<\/p>\n

\u958b\u59cb\u6642\u9593: 2023 \u5e74 1 \u6708 13 \u65e5\u91d1\u66dc\u65e5\u5348\u524d 8:51 UTC<\/p>\n

\u7d42\u4e86\u6642\u523b: 2023 \u5e74 1 \u6708 19 \u65e5\u6728\u66dc\u65e5\u5348\u524d 6:47 UTC<\/p>\n

\u6839\u672c\u539f\u56e0: Windows \u30bb\u30ad\u30e5\u30ea\u30c6\u30a3\u304a\u3088\u3073 Microsoft Defender for Endpoint \u30b5\u30fc\u30d3\u30b9\u306e\u6700\u8fd1\u306e\u66f4\u65b0\u4e2d\u306b\u3001\u5f71\u97ff\u3092\u53d7\u3051\u308b\u30bb\u30ad\u30e5\u30ea\u30c6\u30a3 \u30a4\u30f3\u30c6\u30ea\u30b8\u30a7\u30f3\u30b9 \u30d3\u30eb\u30c9 1.381.2134.0\u30011.381.2140.0\u30011.381.2152\u3001\u304a\u3088\u3073 1.381.2163.0 \u306b\u66f4\u65b0\u3057\u305f\u5f8c\u3001\u30e6\u30fc\u30b6\u30fc \u30c7\u30d0\u30a4\u30b9\u3067\u653b\u6483\u9762\u306e\u7e2e\u5c0f (ASR) \u30eb\u30fc\u30eb “Office \u30de\u30af\u30ed\u304b\u3089\u306e Win32 API \u547c\u3073\u51fa\u3057\u3092\u30d6\u30ed\u30c3\u30af\u3059\u308b” \u306e\u4e00\u9023\u306e\u8aa4\u691c\u77e5\u304c\u691c\u51fa\u3055\u308c\u307e\u3057\u305f\u3002\u3053\u308c\u3089\u306e\u691c\u51fa\u306b\u3088\u308a\u3001\u8aa4\u3063\u305f\u691c\u51fa\u30d1\u30bf\u30fc\u30f3\u306b\u4e00\u81f4\u3059\u308b\u7279\u5b9a\u306e Windows \u30b7\u30e7\u30fc\u30c8\u30ab\u30c3\u30c8 (.lnk) \u30d5\u30a1\u30a4\u30eb\u304c\u8b58\u5225\u3055\u308c\u3001\u305d\u306e\u5f8c\u524a\u9664\u3055\u308c\u307e\u3057\u305f\u3002<\/p>\n

\u6b21\u306e\u30b9\u30c6\u30c3\u30d7:
– \u3053\u308c\u306b\u95a2\u9023\u3059\u308b\u30b7\u30ca\u30ea\u30aa\u4e2d\u306b\u5e83\u7bc4\u306a\u5f71\u97ff\u304c\u767a\u751f\u3059\u308b\u53ef\u80fd\u6027\u3092\u6e1b\u3089\u3059\u305f\u3081\u306b\u3001\u30c6\u30b9\u30c8\u3068\u5c55\u958b\u306e\u624b\u9806\u3092\u6539\u5584\u3057\u3066\u3044\u307e\u3059\u3002
– \u95a2\u9023\u3059\u308b\u30b7\u30ca\u30ea\u30aa\u306e\u691c\u51fa\u307e\u3067\u306e\u6642\u9593\u3092\u3055\u3089\u306b\u77ed\u7e2e\u3059\u308b\u305f\u3081\u306b\u3001\u691c\u51fa\u52d5\u4f5c\u3092\u6539\u5584\u3057\u3066\u3044\u307e\u3059\u3002
– ASR\u30b9\u30ad\u30e3\u30f3\u30ed\u30b8\u30c3\u30af\u306e\u7bc4\u56f2\u5185\u306b\u306a\u3044\u3053\u3068\u3092\u610f\u56f3\u3057\u3066\u3044\u306a\u3044\u30d5\u30a1\u30a4\u30eb\u306e\u8aa4\u3063\u305f\u524a\u9664\u3092\u9632\u3050\u305f\u3081\u306b\u3001\u8ffd\u52a0\u306e\u66f4\u65b0\u3092\u7d44\u307f\u8fbc\u3093\u3067\u3044\u307e\u3059\u3002<\/p>\n

\u30a4\u30f3\u30b7\u30c7\u30f3\u30c8\u5f8c\u306e\u30ec\u30dd\u30fc\u30c8\u306f 5 \u55b6\u696d\u65e5\u4ee5\u5185\u306b\u516c\u958b\u3055\u308c\u307e\u3059\u3002<\/td>\n<\/tr>\n<\/tbody>\n<\/table><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"

MO497128 | Microsoft 365 suite | Some users are unable to utilize the Application shortcuts on the Start menu […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-95","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/95","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/comments?post=95"}],"version-history":[{"count":0,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/posts\/95\/revisions"}],"wp:attachment":[{"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/media?parent=95"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/categories?post=95"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/m365jp.net\/index.php\/wp-json\/wp\/v2\/tags?post=95"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}