Windows Defender Antivirus Scans Broken After New Update

Windows Defender Antivirus scan

Update: The issue has now been addressed in the definitions “Security Intelligence Update for Windows Defender Antivirus-KB2267602 (Version 1.301.1684.0)”

Microsoft published a fresh Windows Defender update that broke both Quick and Full antivirus scans. Windows Defender will scan only about 40 documents when users use these scan choices.

In August, Microsoft announced it had released Windows Defender 4.18.1908.7 in order to correct a bug caused by an error in the SFC command “Windows Resource Protection discovered corrupt files but was unable to solve some of them.”

Microsoft may have solved that bug with version 4.18.1908.7, but they have now developed a fresh one.


Windows Defender Version 4.18.1908.7 Installed

From yesterday, when the version was released, users began to report[ 1, 2, 3, 4, 5, 6] that Quick or Full scans were not available. When trying to do so, Windows Defender scans only about 40 documents instead of scanning the thousands of documents it uses.

We were able to verify separately that this was done on our own pcs which have installed version 4.18.1908.7 (KB4052623). As you can see below, it only scanned 44 files and lasted 9 seconds when we conducted a full scan.


Full Scan only scanning 44 files

This same conduct happens when a quick scan is performed. Our readers also said that it affects Microsoft Security Essentials (MSE) and the Offline Scan function on Windows 7. For Windows 7, the user now has the MSE 1.301.1645.0 definition.

However, users can still scan for customized applications and indicate the drive they want to scan for viruses. This technique is used to scan all files normally and thoroughly, as shown below.


Custom scan works

For the time being, if you are using Windows Defender Antivirus, you will need to use the Custom Scan Feature to perform a manual scan.

Microsoft supplied with the following declaration:

Microsoft Defender AV employs real-time scanning of endpoints, which was not impacted by this update. Only manual or scheduled scans conducted by administrators were temporarily impacted and we are working to resolve it.”

Update 9/18/19 3:06 PM: Added information supplied by commenters about offline scans and Windows 7.

Update 9/18/19 7:28 PM: Microsoft has told BleepingComputer that the issue has now been resolved. It turns out it was an issue in the definitions and has been resolved in “Security Intelligence Update for Windows Defender Antivirus – KB2267602 (Version 1.301.1684.0)”.

Mark Funk
Mark Funk is an experienced information security specialist who works with enterprises to mature and improve their enterprise security programs. Previously, he worked as a security news reporter.