Cybersecurity is a major concern today, as online threats are increasing exponentially. Businesses rely on advanced security solutions to protect their systems and sensitive data. However, even the most reliable security software, such as Microsoft Defender, can encounter errors that can have significant consequences.
Recently, Microsoft Defender caused a stir by misclassifying some DigiCert certificates as Trojans, more specifically as Trojan:Win32/Cerdigent.A!dha. This error has caused confusion among users and companies that use DigiCert certificates to ensure the security of their applications and websites.
In this article, we will discuss in detail the cause of this error, its implications for users and businesses, and the actions Microsoft is taking to resolve the issue. Additionally, we will discuss temporary measures users can take to address false positives until a fix update is released.
- Microsoft Defender incorrectly identifies the DigiCert certificate as Trojan:Win32/Cerdigent.A!dha.
- This issue emerged in May 2026, causing certificates to be removed from Windows indiscriminately.
- DigiCert is a leader in the digital certification industry, used by millions of websites.
- Microsoft is working on a fix update to address this issue.
- Users can take temporary measures to address false positives until the update is released.
- These errors challenge users’ trust in automated security solutions.
- It is important to monitor situation updates from Microsoft and DigiCert.
Causes of Microsoft Defender errors
Microsoft Defender’s misclassification of DigiCert certificates as malware is caused by security software misidentification. The algorithm used by Defender detected several characteristics of the DigiCert certificate that falsely associated it with a trojan known as Win32/Cerdigent.A!dha. This type of error can occur when the digital signature of a certificate is confused with a malicious code pattern due to technical similarities.
Technical causes may include a recent update to the Microsoft Defender detection engine that introduced new identification rules that have not been adequately tested, resulting in false positive results. This phenomenon highlights the complexity of cybersecurity and the need for continuous updating and revision of malware definitions.
Implications for users and businesses
This error has had a significant impact on many businesses and end users who rely on DigiCert certificates to secure their communications. DigiCert is one of the leading providers of digital certificates globally, and improper removal of these certificates has exposed many systems to potential vulnerabilities.
For businesses, sudden removal of certificates can cause service disruptions, trust issues with customers, and exposure to cybersecurity risks. For end users, this can result in a negative user experience, in the form of problems accessing secure websites and applications. According to industry experts, trust in automated safety systems has been tested by this incident.
Temporary measures to be taken
While waiting for a fix update from Microsoft, there are several actions users can take to address false positives. First, you can recover deleted DigiCert certificates manually via Windows Control Panel. This can be done by accessing the certificate security settings and selecting the option to reactivate the certificate that is considered safe.
Another temporary measure is to temporarily disable Defender warning notifications for DigiCert certificates, so that applications that use them can operate normally. However, this solution should be taken with caution, always maintaining a high level of vigilance regarding system activity.
Updates and communications from Microsoft
Microsoft has announced that it is aware of this issue and is actively working on a fix update for Microsoft Defender. Official communications indicate that the update will be released as soon as possible, although a specific date was not given.
Meanwhile, Microsoft has advised users to monitor the official site for further updates and consider the temporary measures described above to keep their systems secure. It is important to stay up to date on developments in the problem in order to quickly adopt proposed solutions.
Practical impact for users
For everyday users and businesses, this incident highlights how important it is to maintain awareness of automated security solutions. Removing certificates can pose significant risks to security and data integrity, as well as potential service disruptions.
Learnings from this event highlight the importance of using only reliable security solutions and keeping operating systems and security software up to date. Users may also consider using additional antivirus to ensure a higher level of protection.
Additionally, for those of you who want to learn more about updates and security, we recommend that you read articles about the importance of security updates in Windows 11 and how to manage your Microsoft 365 Copilot installation.
Promptly addressing security failures such as those that occurred with Microsoft Defender is critical to ensuring user confidence in the security solution. Users are encouraged to follow updates provided by Microsoft carefully and implement precautions to protect their data and systems.
It is important to share experiences and information with the community to collectively improve cybersecurity. We invite users to visit Mr Key Shop to get the latest and reliable security solutions.
Frequently asked questions
Question 1: What causes Microsoft Defender to fail?
Answer: This error is caused by the misclassification of DigiCert certificates as malware, due to technical similarities to malicious code patterns.
Question 2: How to recover a deleted certificate?
Answer: Users can follow the instructions provided by Microsoft to restore certificates via Windows Control Panel by accessing security settings.
Question 3: When will the problem be resolved?
Answer: Microsoft plans to release a corrective update soon, although the specific date has not been communicated, but it is recommended to keep updating through official channels.
Question 4: What are the alternatives to Microsoft Defender?
Answer: Users may consider other security solutions temporarily available in the market, such as the antivirus provided by Mr Key Shop.
Question 5: How do I report additional issues with Microsoft Defender?
Answer: Users can use official Microsoft support to report specific issues and receive assistance in resolving any issues.
PakarPBN
A Private Blog Network (PBN) is a collection of websites that are controlled by a single individual or organization and used primarily to build backlinks to a “money site” in order to influence its ranking in search engines such as Google. The core idea behind a PBN is based on the importance of backlinks in Google’s ranking algorithm. Since Google views backlinks as signals of authority and trust, some website owners attempt to artificially create these signals through a controlled network of sites.
In a typical PBN setup, the owner acquires expired or aged domains that already have existing authority, backlinks, and history. These domains are rebuilt with new content and hosted separately, often using different IP addresses, hosting providers, themes, and ownership details to make them appear unrelated. Within the content published on these sites, links are strategically placed that point to the main website the owner wants to rank higher. By doing this, the owner attempts to pass link equity (also known as “link juice”) from the PBN sites to the target website.
The purpose of a PBN is to give the impression that the target website is naturally earning links from multiple independent sources. If done effectively, this can temporarily improve keyword rankings, increase organic visibility, and drive more traffic from search results.
