back to article Microsoft Defender casts a jaundiced eye over Citrix, slams services in quarantine on suspicion of being malware

Those wondering when the Microsoft love-in with Citrix might end will be relieved to learn that Microsoft Defender decided yesterday that Citrix Broker and High Availability Services bore all the hallmarks of a trojan. Administrators and users alike found that update 1.321.1319.0 of the malware masher left Citrix's platform a …

  1. Sparkus

    The question begs.... Can / Will / Is MSFT trying to 'weaponize' Defender to act against competitors?

    1. Anonymous Coward
      Anonymous Coward

      Never ascribe malice to where incompetence reigns.

      1. Andre Carneiro

        ... but don’t discard malice.

    2. RM Myers Silver badge
      Unhappy

      Yes, at least Checkpoint's antivirus software (ZoneAlarm free) had the decency to only treat their own product as a virus. In fact, every time the damn thing ran a scan it found 2 or 3 files to quarantine, and they were always part of their own product.

      One of the few free software programs that was overpriced.

  2. HildyJ Silver badge
    Devil

    Bug?

    I am torn between deciding if deprecating Citrix software is a bug or a service.

  3. ecofeco Silver badge

    Micrsoft never fails to deliver!

    They never fail to deliver reasons why they deserve their shitty reputation.

  4. karlkarl Silver badge

    But Windows Defender doesn't detect malware. Its main role is to detect piracy related tools such as cracks.

    So why did Citrix's tool get flagged? Either Microsoft are being a little anti-competitive or my personal guess is that Citrix has modified some middleware in such a way that it appears like it is cracked. It isn't uncommon for companies to legally crack software for integration (i.e removing checks because they have their own license system, etc).

  5. I Am Spartacus
    FAIL

    Microsoft Defender fails Microsoft

    A have a Surface tablet that runs Windows 10 and Defender. It has decided that a feature update from Microsoft is malware and refuses to install it. Windows 10 detects that the install has failed and repeats the download / install.

    Rinse and repeat. The surface now can't take any MS updates.

    So why not just disable Defender? Because its controlled by policies published by the CIO, who has read the Dummies Guid to Defender, and turned on all the defence mechanisms remotely. Including the one that allows safe removal of Defender.

    So, I now have a shiny doorstop.

    Nice.

    1. Strahd Ivarius Bronze badge
      Trollface

      Re: Microsoft Defender fails Microsoft

      I think that you are the first person found on this forum who complains that Windows 10 features update is not installing...

      1. I Am Spartacus
        Happy

        Re: Microsoft Defender fails Microsoft

        Best laugh all day - Nice One!

  6. IGotOut Silver badge
    FAIL

    Another company to avoid

    "Our prod environment with over 3000 users is hard down cc"

    That's because you or your company are a bunch of morons.

    Even since Win 3 I have NEVER rolled out patches or updated globally. Do a few, then a small batch, then think about going bigger only if you have NO issues.

    The same goes for Unix, Linux or even OS2 warp.

    1. Anonymous Coward
      Anonymous Coward

      Re: Another company to avoid

      They were not patches, they were AV definitions that get updated multiple times per day. Very hard to test and if you don't roll them out quickly you are vulnerable.

  7. adam payne

    Microsoft Defender decided yesterday that Citrix Broker and High Availability Services bore all the hallmarks of a trojan.

    With Microsoft's rep it could have been worse (or better depending on how you feel about Windows), it could have finally killed Windows.

    Update: it breaks the f*** out of Citrix. BrokerService.exe gets tagged as malware and quarantined. Our prod environment with over 3000 users is hard down cc

    Rule 1: Do not deploy patches to your production environment unless you've tested them first.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2021