Home > Blogs > VMware PowerCLI Blog


Windows Defender reports false positive for PowerShell Modules

7 Replies

Over the weekend, Microsoft released a Windows Defender signature file that falsely reports many PowerShell modules, including PowerCLI as containing a virus.

This is a FALSE POSITIVE widely affecting the PowerShell community.

https://social.technet.microsoft.com/Forums/en-US/40fa56dd-b73f-456a-9d97-cdb4500bc7ed/latest-updates-indicated-peasectoa-infection-?forum=WindowsDefenderATPPreview

There is no official statement from Microsoft yet, but the PowerCLI community on VMware {Code} has been working overtime! Here’s what you need to do to get back to automating:

  1. Update Windows Defender Signatures to the latest (>= 1.261.424.0 1.261.459.0).
  2. If your PowerShellGet module was affected, you may need to download manually from Github (https://github.com/PowerShell/PowerShellGet)
    1. Update: Kevin Marquette has a pretty good workaround for PowerShellGet, which reverts back it back to 1.0.0.1.
  3. Release the affected files from Quarantine, or reinstall PowerCLI (Install-Module VMware.PowerCLI -scope CurrentUser -force)

This story is still developing, so I will update as the info comes in.

This is a great time for a shout out to the PowerCLI community on VMware {Code}. Special thanks to the PowerCLI users that have been working on this over the weekend and this morning: Luc Dekens, Edgar Sanchez, Wouter Kursten, Scott Haas, and John Kavanagh

You can join the VMware {Code} Slack by signing up here: https://code.vmware.com/join

 

Related Posts:

7 thoughts on “Windows Defender reports false positive for PowerShell Modules

  1. Pingback: Windows Defender reports false positive for PowerShell Modules – VMPRO.AT – all about virtualization

  2. health 88

    Thee abundant affair about is this website lets you examination songs and
    acqusition the onnes you want, and again save these to your personal
    computer afterwards downloading them so you can accept for them over aand over.

    In fact, my girlfriend was drunk with joy when she found out that a selected database
    features a large choice of potential cute fairy tattoos that they
    could never wish to find in any sesxual affair generic tattoo gallery sites.
    The invitation part is the best thing being
    decorated because cards are beautiful and brimming with lots of pictures like fairy and
    pajama characters.

    Reply
  3. Windows Defender Error Code

    Sometimes while using the Windows Defender on your system an error code 0X800704EC occurs. This issue can’t be solved by the user. Last day I faced this issues and visit Windows Defender Error Code solution. The solution helps me a lot.

    Reply
  4. Gmail Customer Service Number

    Microsoft always comes with innovative ideas, But maybe sometimes it can get false. Thanks for sharing a Useful article, It’s great that we can avoid these kinds of loss through the window PowerCLI updation.

    Reply
  5. bigg boss

    Will your site have a contact site? I’m having troubles finding it but, I wish to toss you a contact. I’ve received some advice for your site you might well be considering hearing.

    Reply
  6. Happy Halloween

    Thanks 1st tremendous publishing! I savored reading it; you’re a good publisher.I’ll check that you bookmarker your web site and will keep going back sometime. i might wish to encourage that you simply carry on your nice articles, have an honest weekend!

    Reply
  7. 0xc000000f

    This error code on my system creates much more issues from yesterday to me, Microsoft released a Windows Defender signature file that falsely reports many PowerShell modules, that solve by you.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA

*