Windows Defender AV service crashing on Windows Server 2019

Anonymous
2024-08-14T15:42:22+00:00

After todays definition update (1.417.113.0) for Windows Defender we are seeing multiple servers, all running Windows server 2019, where event viewer is reporting frequent crashes of the Windows Defender AV service. This seems to correlate when our application running on the server attempt to call a dll file in c:\windows\temp and caused our application to not function properly. Disabling the real-time protection stopped the crashes and allowed our application to work properly. I have seen at least 1 other report of this issue on reddit. How can I report this to Microsoft so they can fix the issue?

Windows for business | Windows Server | Performance | Other

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments No comments
{count} votes

6 answers

Sort by: Most helpful
  1. Anonymous
    2024-08-15T02:08:39+00:00

    Hello,

    Thank you for posting in Microsoft Community forum.

    Based on the description, I understand your question is related to issue after update.

    I did a general search on Microsoft update website, but do not find such known issue published. But it is suggested to uninstall that specific update, then monitor the issue.

    Also, it is recommended to report this issue to Microsoft, use the Feedback Hub app. To learn more, see Send feedback to Microsoft with the Feedback Hub app:

    Send feedback to Microsoft with the Feedback Hub app - Microsoft Support 

    Have a nice day. 

    Best Regards,

    Molly

    0 comments No comments
  2. Anonymous
    2024-08-16T16:43:54+00:00

    We have this issue with about 6 servers...3 test servers and 3 jump boxes...all Windows Server 2019 with Defender for Endpoint. We did a restore on the jump boxes and left the test servers as-is for Microsoft to review. We've opened a paid support case for this issue. I'll try to update here once we have more information. The case was opened almost 24 hours ago and we we're still waiting for the Microsoft technician to reach out to troubleshoot the issue.

    1 person found this answer helpful.
    0 comments No comments
  3. Deleted

    This answer has been deleted due to a violation of our Code of Conduct. The answer was manually reported or identified through automated detection before action was taken. Please refer to our Code of Conduct for more information.


    Comments have been turned off. Learn more

  4. Anonymous
    2024-08-16T17:14:50+00:00

    Here's an update from one of our server admins on this issue. We had already observed a very clear correlation with the August 2024 Windows updates triggering this Defender behavior.

    "Manually removed KB5041578 from [one server] and it does resolve the issue. It took 30 minutes to get to the console to appear, 30 more minutes after pushing the uninstall button for it to start and 60 minutes after that for the KB to uninstall... but it does clear the issue."

    1 person found this answer helpful.
    0 comments No comments
  5. Anonymous
    2024-08-16T17:55:44+00:00

    Our systems were not running the August 2024 update and experienced this. A definition update (1.417.120.0) the afternoon this issue occurred looks to have resolved the issue.

    1 person found this answer helpful.
    0 comments No comments