Microsoft Defender flags legitimate URLs as harmful, causing concern among users
Microsoft’s Defender antivirus software has mistakenly flagged some safe URLs as malicious, causing confusion among users. Users have reported that Zoom links and Google links were among the URLs mistakenly flagged as dangerous. Microsoft acknowledged the issue on Twitter, saying its engineers were working on a fix. The company also confirmed that users were still able to access legitimate URLs despite the false positive alerts.
A later update on the Microsoft 365 Admin Center portal stated that admins should expect an increased number of high-severity email message alerts saying “A potentially malicious URL click was detected.” The update also warned that admins could have trouble viewing the details by pressing the “View alerts” link in the messages.