Beware Potential Defender Engine 1.1.18100.5 Gotcha

Beware Potential Defender Engine 1.1.18100.5 Gotcha

Here’s an interesting item. Check your system/boot (usually C:) drive in Windows 10. If it’s filling up (or full), that may come from a (hopefully temporary) Windows Defender gotcha. The program starts creating loads of 2K binary files in the Scans/History/Store subfolder. Ghacks reports tens of thousands to nearly a million such files showing up on affected PCs. Normally, a healthy Defender installation has one or two files in this folder (shown in the lead-in graphic). That makes it easy to check if a system is subject to this potential Defender Engine 1.1.18100.5 gotcha.

How to Check For Potential Defender Engine 1.1.18100.5 Gotcha

The complete directory path to check is:
C:\ProgramData\Microsoft\Windows Defender\Scans\History\Store
If  you see more than a handful of files there, you may be subject to the gotcha. It it’s chock-full of files and your C: drive is filling up, the gotcha is active! It’s OK to delete those files (Defender will make more), according to Brinkmann.

Brinkmann theorizes that the current Defender Engine version — namely 1.1.18100.5 — is responsible. He says MS is aware of the gotcha, and is planning a  fix with the next engine update. That new version should carry an ID of 1.1.18100.6, and be ready as soon as Thursday, May 6.

FWIW, I checked all of my Windows 10 PCs. While all of them are indeed running Engine version 1.1.18500.5, none of them is showing symptoms indicative of the gotcha. Clearly, it’s out there. But it’s not clear how widespread or active this gotcha may be. And it sounds like MS is already working on a fix that should do away with it completely.

At least, we don’t have to wait too long to find out if a fix is forthcoming. As I write this item, it could be just over 24 hours from release. For the record, Microsoft updates usually hit the Internet at 9:00 AM Pacific Time on release days. That’s about 26.5 hours from now.

Note Added May 5 Afternoon

A new engine build is already out,  and should download automatically to all Windows 10 PCs running Defender. I just found it already installed on my test PCs, to wit:

Potential Defender Engine 1.1.18100.5 Gotcha.new-engine

Note the new engine is out: 1.1.18100.6. Problem solved!

That was quick! Glad MS is on the ball today. Thanks to @WindowsInsider and the whole Windows Team.

Facebooklinkedin
Facebooklinkedin

Leave a Reply

Your email address will not be published. Required fields are marked *