
Microsoft Defender Misclassifies DigiCert Root Certificates as Malware
Microsoft Defender’s late-April 2026 signature update wrongly flagged two DigiCert root certificates as malware (Trojan:Win32/Cerdigent.A!dha) and quarantined their entries in Windows’ AuthRoot/Certificates store, putting SSL/TLS validation and code signing for enterprise software at risk. A corrective definition update (.430) began restoring the certificates; automatic remediation is rolling out, and admins are advised to verify restoration via certutil and Advanced Hunting logs. The incident underscores the risk of false positives when automated security responses act on core Windows components.
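
A per-host spot check for the verification step described above, as an added example (not from the article or from Microsoft): it looks for each root in the machine AuthRoot store and lists local Defender detections recorded under the reported threat name. The thumbprints are placeholders to replace from your own certificate inventory, and the registry path is the standard machine AuthRoot location, assumed here to be the store the article refers to.

```powershell
# Added example, not from the article. Run in an elevated PowerShell session.
# Placeholders: the article does not list the affected thumbprints.
$ExpectedThumbprints = @(
    'PLACEHOLDER_THUMBPRINT_ROOT_1',
    'PLACEHOLDER_THUMBPRINT_ROOT_2'
)
$ThreatName = 'Trojan:Win32/Cerdigent.A!dha'   # detection name reported in the article
# Assumption: standard registry location backing the machine AuthRoot store.
$RegRoot = 'HKLM:\SOFTWARE\Microsoft\SystemCertificates\AuthRoot\Certificates'

function Test-AuthRootEntry {
    param([Parameter(Mandatory)][string]$Thumbprint)
    $tp = ($Thumbprint -replace '\s', '').ToUpperInvariant()
    $cert = Get-ChildItem -Path Cert:\LocalMachine\AuthRoot |
        Where-Object Thumbprint -eq $tp
    [pscustomobject]@{
        Thumbprint  = $tp
        Subject     = if ($cert) { $cert.Subject } else { $null }
        InCertStore = [bool]$cert                                  # logical store view
        InRegistry  = Test-Path -LiteralPath "$RegRoot\$tp"        # registry-backed entry
    }
}

# 1. Are the roots back in the store?
$results = $ExpectedThumbprints | ForEach-Object { Test-AuthRootEntry -Thumbprint $_ }
$results | Format-Table -AutoSize

# 2. Which definitions is this host running?
$status = Get-MpComputerStatus
'Signature version: {0} (updated {1})' -f $status.AntivirusSignatureVersion,
    $status.AntivirusSignatureLastUpdated

# 3. Did Defender act on this threat name here, and on which resources?
$threatIds = @(Get-MpThreat | Where-Object ThreatName -eq $ThreatName).ThreatID
Get-MpThreatDetection |
    Where-Object { $_.ThreatID -in $threatIds } |
    Select-Object InitialDetectionTime, RemediationTime, ActionSuccess, Resources |
    Format-List

# Non-zero exit lets a fleet tool flag hosts that still need remediation.
$missing = @($results | Where-Object { -not $_.InCertStore })
if ($missing.Count -gt 0) {
    Write-Warning ("{0} root(s) still missing from AuthRoot" -f $missing.Count)
    exit 1
}
```

A host that shows a detection in step 3 but no missing roots in step 1 has already been remediated; a host with missing roots still needs the corrective definitions applied.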