FeedMalwareMicrosoft Defender wrongly flags DigiCert certs as Trojan:Wi...
MalwareBleeping Computer
6.5HIGH

Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha

📅 3 May 2026 at 18:11 UTC📰 Bleeping ComputerView original source ↗
Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha

Microsoft Defender is detecting legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, resulting in widespread false-positive alerts, and in some cases, removing certificates from Windows. [...]

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

Microsoft Defender incorrectly flagged legitimate DigiCert root certificates as Trojan:Win32/Cerdigent.A!dha, causing widespread false-positive alerts and certificate removals on affected systems. The issue is linked to a recent DigiCert security incident that exposed initialization codes for code-signing certificates used to sign malware.

⚙️Technical Details
Affected Systems
Windows
Attack Vectors
Phishing emailsFake image or screenshotDecoy image displayRetrieval of second-stage payload from cloud storage
💥Impact Assessment
Severity: High
Who Is at Risk
Users with legitimate DigiCert root certificates installed on their Windows systems
🛡️Recommended Actions
1Check for and install the latest Microsoft Defender updates (1.449.431.0)
2Verify that all installed certificates are legitimate and not revoked
3Monitor system logs for any suspicious activity related to certificate removals or false-positive alerts
📦Affected Products
Windows

Read the full article

This is a curated summary. The complete article is available at Bleeping Computer.

Read on Bleeping Computer
← Back to feed