Why does Windows Defender suddenly flag EVERY delphi executable on my hard drive to be uploaded to Microsoft?

Question

_{Tuesday, March 8, 2016 8:38 PM}

Something changed in the last 7 days and every person where I work suddenly sees any executable that appears on their hard drive get scanned and then immediately (because we are building stuff within the Delphi IDE, which is kind of like Visual Studio, but using Pascal) gets flagged by Windows Defender, and a notification (toast) popup shows up asking me to submit it to Microsoft. I think this "submit to Microsoft" feature needs a field where I can type in a note like "Y'all need to think about NOT flagging every single binary that my compiler creates". 

There's no "feedback" feature that I can see in Windows Defender that would let me channel feedback like "your tool has gone stupid here" to the Defender team.  It's almost a predictable  occurrence.  yet another anti-virus engine decides to update its heuristics to include some standard runtime library element in the Delphi standard runtime. 

Warren

wp

All replies (2)

_{Tuesday, March 8, 2016 9:01 PM ✅Answered}

Perhaps try;

https://www.microsoft.com/security/portal/mmpc/developer/resources.aspx

and perhaps

https://www.microsoft.com/en-us/security/portal/submission/submit.aspx

Or just any file you don't mind sending then send to them, and hope they get bored and fix it before you get bored :)

_{Wednesday, March 9, 2016 6:18 AM ✅Answered}

Hi,

It seems that Windows defender consider your Delphi app is unsafe due to unknown digital signature.

You can feedback this as what in above post, in addition, since these are compiled by yourself, you can trust them completely and exclude them from scanning list:

Add an exclusion to Windows Defender
http://windows.microsoft.com/en-us/windows-10/add-an-exclusion-to-windows-defender

Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected].