Windows Defender endpoint and ClickOnce VSTO plugin

Cédric Boivin 10 Reputation points
2023-06-28T17:10:17.8666667+00:00

I'm encountering an issue and I'm not sure how to resolve it.

We've developed a Microsoft Outlook VSTO add-in using C# with the .NET Framework 4.6.1. We deploy it to our clients using ClickOnce and a URL. Our ClickOnce application is signed with a certificate authority. It's deployed on thousands of machines; however, some of our clients use Windows Defender Endpoint protection.

When the setup.exe is downloaded and installed, there are no issues. The problem occurs when Outlook restarts, and when we publish an update. ClickOnce is configured to check for updates each time Outlook is opened. For most of our clients, this works perfectly fine, except for those using Windows Defender 365 for Endpoint.

ClickOnce downloads the new version, and the files are deleted by Windows Defender during the download.

We have tried several things:

  • Adding our certificate to the trusted publishers
  • Signing all DLLs that weren't signed with our public certificate

The only thing that has worked, but is far from secure, is to exclude the %userprofile%\AppData\Local\Temp\Deployment folder.

Does anyone have a lead on this? Here's the error message that appears at the time of the download:
User's image

Microsoft 365 and Office | Development | Other
Microsoft Security | Microsoft Defender | Microsoft Defender for Cloud