A recent Windows Defender update released on 1st December 2021 version 1.353.1874.0 sent a lot of users into disarray with false detection of the Emotet Trojan when opening up Microsoft Office documents.

Some users were not even able to open up some of their Microsoft Office documents while some were not able to print out documents because of this recent update.

During that time frame the only way to help users overcome the situation was by undoing the latest Windows Defender update. In this article I’d like to share how to roll back Windows Defender definition.

Learn how to restore files using Shadow Copy

The steps are very simple and you only need PowerShell to complete the task.

So launch up PowerShell as an Administrator and then change the directory to where Windows Defender resides using the command as below:

cd "C:\Program Files\Windows Defender"

Next run the PowerShell command as below to remove the newest definition installed and revert it to previous version.

.\MpCmdRun.exe -RemoveDefinitions

You should get an output as follows:


Conclusion: Roll back Windows Defender definition

Rolling back Windows Defender definitions is quite easy and only requires two commands. These two commands though will help a lot of people getting their work back on track until a fix has been released and updated into their computers.

Furthermore for the Windows Defender definition version 1.353.1874.0 false positive issue, Microsoft has released a new patch today which should’ve resolved the problem. You can download it Microsoft Security Intelligence webpage.

Leave a Comment

Your email address will not be published. Required fields are marked *

This div height required for enabling the sticky sidebar