Microsoft Defender, Windows’ built-in antivirus tool, is widely considered robust enough to mean that an average user no longer needs a third-party antivirus or security suite. However, a bug brought to light by Twitter/X user yappy shows that there are times when Microsoft Defender can be extremely overzealous in its attempts to defend your computer.
A false positive can be observed when you type ‘This content is no longer available.’ or ‘This content is no longer available!’ in Notepad and save it as a text file on your PC. When you do so, Microsoft Defender will instantly flag it as a Trojan file and delete it from your system - no matter what file name you use, ostensibly protecting you from a potential 'severe threat.'
my gf just found out that a text file solely containing the string "This content is no longer available." trips up windows defender lol pic.twitter.com/8RyHW3nltVJune 21, 2024
Upon first investigation, yappy and some other Tweet/Xers concluded that the cause of the false positive was an SHA-256 collision. However, the astronomical odds against such a clash rung true, as most commenters now agree the headlining text string was used in several previous threats, and thus raises a red flag in the Windows Defender detection engine.
This head-scratching bug isn’t the first time Microsoft has had issues with its Defender antivirus. Microsoft actually broke it in 2020 with a faulty update, while it patched a serious bug in 2019 that prevented the antivirus app from operating properly. But aside from these missteps, we still consider Microsoft Defender as a pretty good antivirus.
Thankfully, this bug isn’t as serious as those issues, as the text line doesn’t pose any actual threat to Windows 11. Furthermore, if you add other text to it (like changing punctuation or adding an extra space at the end), the false detection goes away. However, in the unlikely event that you must have this exact text string saved on a text file on your computer, you need to exclude the folder where you’re saving it from scans, otherwise, it’ll be gone the moment you hit Ctrl + S.
Hopefully, Microsoft can fix this silly bug soon. This isn’t a threat to the security of Windows 11 and we don't think anyone will want to temporarily disable Microsoft Defender and install another antivirus program waiting for a fix. Meanwhile, Kaspersky has recently become even less attractive as an alternative, as Washington has just sanctioned it.
