inspec / train

Transport Interface to unify communication over SSH, WinRM, and friends.
Apache License 2.0

Windows Defender detecting encoded powershell invocations as malware #707

Closed clintoncwolfe closed 2 years ago

clintoncwolfe commented 3 years ago

When executing powershell, we encode the command as base64. It appears that Windows Defender is now tagging such invocations as malware.

  1. Verify this is the case, and determine if it is true for all invocations or only certain ones.
  2. If so, reach out to Microsoft and try to get an exception in place for Chef Infra Client and Chef InSpec.

Customer is noticing this on Windows Server 2016 and 2019. Chef-client version: 17.1.35. It happens on Defender definition version 1.351.277.0.
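Added example in Ruby (train's own language), not code from train: it builds the base64 form of invocation the report describes, and from the defender's side decodes such an argument back out of a process command line so an alert on an encoded invocation can be read in plain text. The UTF-16LE base64 layout and the abbreviated flag spellings are PowerShell's documented `-EncodedCommand` behaviour; the wrapper, flag set and sample event below are constructed assumptions.

```ruby
require "base64"

# PowerShell's -EncodedCommand takes base64 over the UTF-16LE bytes of the script.
def encode_powershell(script)
  Base64.strict_encode64(script.encode("UTF-16LE"))
end

# Assumed shape of a tool's invocation (flags chosen for the example, not train's).
def build_command_line(script)
  "powershell.exe -NoProfile -NonInteractive -EncodedCommand #{encode_powershell(script)}"
end

# PowerShell accepts any unambiguous leading prefix of -EncodedCommand (-e, -ec, -enc, ...),
# so a triage parser must match all of them, case-insensitively. Longest first so that
# "-enc" is not cut short by "-e".
FLAG_SPELLINGS = (1.."encodedcommand".length).map { |n| "encodedcommand"[0, n] }.reverse
ENCODED_FLAG = /(?:\A|\s)-(?:#{FLAG_SPELLINGS.join("|")})\s+([A-Za-z0-9+\/=]+)/i

# Return the decoded script from a process command line, or nil when there is no
# encoded command or the payload is not valid base64 / UTF-16LE.
def decode_encoded_command(command_line)
  m = ENCODED_FLAG.match(command_line)
  return nil unless m
  bytes = Base64.strict_decode64(m[1])
  bytes.force_encoding("UTF-16LE").encode("UTF-8")
rescue ArgumentError, Encoding::InvalidByteSequenceError, Encoding::UndefinedConversionError
  nil
end

# Constructed sample in the shape of a process-creation event's command line, using
# the abbreviated "-enc" spelling, as a Defender alert on such an invocation would show.
SAMPLE_EVENT = "C:\\Windows\\System32\\WindowsPowerShell\\v1.0\\powershell.exe -NoProfile -enc " +
               encode_powershell("Get-Service WinDefend | Select-Object Status")

if __FILE__ == $PROGRAM_NAME
  puts build_command_line("Get-Date")
  puts decode_encoded_command(SAMPLE_EVENT)
end
```

Reading the decoded text is what lets an analyst separate a benign configuration-management script from an actual obfuscated payload before filing an exception request.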

Vasu1105 commented 2 years ago

Closing this as upgrading Windows Defender solved this issue for the customer.