I was going to put this in r/antivirus and realized a whole lot of people who aren’t affected would misunderstand there.
I have an archived copy of both the Source Code and Complied .exe forDeCSS, which some of you may be old enough to remember as the first succesfuly decryption tool for DVD players back when Windows 2000 reigned supreme.
Well surprise, surprise, the July 2021 update to Windows Defender will attempt to delete any copies in multiple instances;
.txt file of source code – deleted
.zip file with compiled .exe inside – deleted
raw .exe file – deleted
Setting a Windows Defender exception to the folder does not prevent the quarantine from occurring. I re-ran this test three times trying exceptions and even the entire NAS drive as on the excluded list.
The same July update is now more aggressively mislabeling XFX Team cracks as “potential ransomware”.
Guard your archive files accordingly.