Windows Defender malware scans are failing after a few seconds

UPDATE: Microsoft said it fixed the issue in an update (KB2267602) on September 19.

windows-defender-scan.png

Image: ZDNet

There's currently a major bug in Windows Defender, the free antivirus software that ships with Windows 10.

Running a Quick or Full scan will fail after a few seconds and only go through a handful of files, resulting in incomplete, superficial results. Such scans are usually known to take tens of minutes, and even hours.

The issue has been widely reported over the past two days on the Microsoft tech support forums [1, 2, 3, 4, 5], Reddit [1, 2, 3, 4], and tech support sites like AskWoody, DeskModder, BornCity, and Bleeping Computer.

The bug impacts Windows Defender version 4.18.1908.7 and later, released earlier this week. The bug was introduced while Microsoft tried to fix another bug introduced with the July 2019 Patch Tuesday.

Per reports, the original bug broke "sfc /scannow," a command part of the Windows System File Checker utility that lets Windows users scan and fix corrupted files.

After the July Patch Tuesday this utility started flagging some of Windows Defender's internal modules as corrupted, resulting in incorrect error messages that fooled admins into believing there was something wrong with their Windows Defender installation, and its updates.

Microsoft announced a fix for the System File Checker bug in August, but the actual patch was delayed. When the fix arrived earlier this week, it didn't yield the expected results.

Furthermore, the issue doesn't appear to impact Windows Defender on Windows 10, but also all other Windows versions where Windows Defender ships, such as Windows 8 and 8.1. The same bug has also been reported with Security Essentials, Windows Defender's precursor on older Windows versions like 7, Vista, and XP. The impacted Security Essentials definitions (version) is 1.301.1622.0, as per reports.

In an email to ZDNet, Microsoft confirmed the bug and said the company was working on a fix. The company said that only manual or scheduled scans were impacted, and that Windows Defender's real-time scanning protection was not impacted, and should detect malware once it reaches a system.

Fortunately, there's a way around this bug, if users need to perform daily scans of sensitive systems. Instead of relying on a Quick or Full scan, users can use the Windows Defender "Custom scan" feature and select the drives or folders they'd like scanned, manually, one by one.

Updated on September 18, 17:00pm, with statement from Microsoft.

Updated on September 19, 15:25pm, to add that Microsoft has fixed this issue. The OS maker shared more details here.

windows-defender-custom-scan-error.png

Image: ZDNet