Microsoft Defender Falsely Flags DigiCert Certificates as Malware
Microsoft Defender is incorrectly flagging legitimate DigiCert root certificates as malicious, leading to potential system instability and connectivity issues.
Microsoft Defender is currently experiencing a widespread false-positive issue where it incorrectly identifies legitimate DigiCert root certificates as malicious. The security software flags these certificates as "Trojan:Win32/Cerdigent.A!dha," which can lead to the automated removal of the certificates from affected Windows systems [BleepingComputer].
This issue impacts users and administrators who rely on DigiCert certificates for secure communications and software signing. The removal of these root certificates can cause significant disruption, potentially breaking secure connections, preventing software from running correctly, or triggering errors in applications that depend on these certificates for trust verification.
Microsoft has acknowledged the issue and is working to resolve the detection error. Users who have had certificates quarantined or removed should check their Microsoft Defender protection history to restore the legitimate files. Administrators are advised to monitor official Microsoft channels for updates on a permanent fix to prevent further false-positive detections.