Microsoft Defender Misclassifies DigiCert Root Certificates as Malware

TL;DR Summary
Microsoft Defender’s late-April 2026 signature update wrongly flagged two DigiCert root certificates as malware (Trojan:Win32/Cerdigent.A!dha), quarantining their entries in Windows’ AuthRoot/Certificates store and putting SSL/TLS validation and code signing for enterprise software at risk. A corrective definition update (.430) began restoring the certificates; automatic remediation is rolling out, and admins are advised to verify restoration via certutil and Advanced Hunting logs. This incident underscores the risk that false positives pose when automated security responses act on core Windows components.
Topics: technology #cyber-security #digicert #false-positive #microsoft-defender #root-certificates #ssltls
- Microsoft Defender Mistakenly Flags DigiCert Root Certificates as Malware (CyberSecurityNews)
- DigiCert hacked with a malicious screensaver file (Risky Business Newsletters)
- Microsoft Defender flagging "Cerdigent" trojan malware on Windows 11, Server PCs worldwide (Neowin)
- Microsoft Defender mistakenly flags trusted DigiCert certificates as malware (PiunikaWeb)
- Microsoft Defender wrongly flags DigiCert certs as Trojan:Win32/Cerdigent.A!dha (BleepingComputer)
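
One way to run the restoration check the summary mentions on a single host, as an added example that is not taken from the summarized articles or from Microsoft. The thumbprints are placeholders because this page does not list them, and the registry path is assumed to be the standard local-machine location of the AuthRoot store.

```powershell
# Added example: confirm that the affected roots are back in the AuthRoot store.
# ASSUMPTION: replace the placeholders with the SHA-1 thumbprints of the two
# affected DigiCert roots from the vendor advisory (not given on this page).
$ExpectedThumbprints = @(
    'PLACEHOLDER_THUMBPRINT_ROOT_1',
    'PLACEHOLDER_THUMBPRINT_ROOT_2'
)
# Registry backing of the local-machine AuthRoot store.
$RegBase = 'HKLM:\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates'

$report = foreach ($tp in $ExpectedThumbprints) {
    $clean = ($tp -replace '\s', '').ToUpperInvariant()
    if ($clean -notmatch '^[0-9A-F]{40}$') {
        Write-Warning "Skipping '$tp': not a 40-character SHA-1 thumbprint."
        continue
    }
    # Same lookup from a command prompt: certutil -store AuthRoot <thumbprint>
    $cert = Get-Item -LiteralPath "Cert:\LocalMachine\AuthRoot\$clean" -ErrorAction SilentlyContinue
    [pscustomobject]@{
        Thumbprint  = $clean
        InCertStore = [bool]$cert
        InRegistry  = Test-Path -LiteralPath (Join-Path $RegBase $clean)
        Subject     = $cert.Subject
        NotAfter    = $cert.NotAfter
    }
}
$report | Format-Table -AutoSize

# Flag any expected root that is absent from the store view or the registry.
$missing = @($report | Where-Object { -not ($_.InCertStore -and $_.InRegistry) })
if ($missing.Count -gt 0) {
    Write-Warning ("Not restored: " + ($missing.Thumbprint -join ', '))
}

# Show the installed Defender definition version so it can be compared with
# the corrective build named in the advisory.
try {
    Get-MpComputerStatus -ErrorAction Stop |
        Select-Object AntivirusSignatureVersion, AntivirusSignatureLastUpdated |
        Format-List
} catch {
    Write-Warning "Defender status unavailable: $($_.Exception.Message)"
}
```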