KB4574727 mistakenly flagged as a potential threat

Sep 9, 2020 17:02 GMT

One of the cumulative updates that Microsoft released as part of the September 2020 Patch Tuesday rollout to Windows 10 devices is mistakenly flagged by Bitdefender’s antivirus engine as a potential threat.

KB4574727 is the cumulative update that Microsoft published on September 8 for Windows 10 versions 1903 and 1909, and given it landed on Patch Tuesday, the focus was mostly on resolving security vulnerabilities in the operating system and the built-in components.

According to Microsoft itself, this update included security improvements for basic operations in Windows 10, but also for peripheral devices, like mice, keyboards, and pens. And last but not least, security should also get a boost for users running the Microsoft Office productivity suite.

So essentially, KB4574727 is an important security update that users are obviously recommended to install as soon as possible, especially because it resolves vulnerabilities in Microsoft’s operating system.

But as some users figured out the hard way, installing the update on their devices isn’t possible if they’re running Bitdefender protection. The antivirus engine mistakenly flags KB4574727 as a potential threat, and while the update is indeed downloaded from Windows Update, it’s blocked right when the device is restarted to complete the installation process.

Needless to say, the device then boots back to the desktop without the update being installed, at which point users should be offered the same patch once again on Windows Update.

Bitdefender security software displays the following error on the affected Windows 10 devices:

The file \Device\HarddiskVolume4\WINDOWS\SoftwareDistribution\Download\021b4073b65a625a58c006858ea0a97d\Windows10.0-KB4574727-x64.cab is infected with Trojan.Ciusky.Gen.13. The threat has been successfully blocked, your device is safe.

The easiest way to get around this problem is to configure an exception for this Windows update, which prevents the files from being quarantined by Bitdefender’s antivirus engine.
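Before excluding a file that an antivirus engine has flagged, it is worth confirming that the package on disk really is the one Microsoft signed. The following PowerShell is an added example, not part of the original article or of any Microsoft or Bitdefender tooling; the function name is hypothetical, and it assumes an elevated prompt and that the downloaded .cab is still present under the SoftwareDistribution folder named in the alert.

```powershell
# Added example: check the Authenticode signature of the update package
# before creating an antivirus exception for it.
function Test-UpdatePackageSignature {   # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$Path
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        throw "Package not found (it may already be quarantined): $Path"
    }

    $sig    = Get-AuthenticodeSignature -LiteralPath $Path
    $signer = $sig.SignerCertificate

    # 'Valid' means the embedded signature matches the file contents and the
    # certificate chains to a root that this machine trusts.
    $valid = $sig.Status -eq [System.Management.Automation.SignatureStatus]::Valid

    # The subject match is only a sanity check; trust comes from the status.
    $msSubject = ($null -ne $signer) -and ($signer.Subject -match 'O=Microsoft Corporation')

    [pscustomobject]@{
        Path              = $Path
        SignatureStatus   = $sig.Status
        Signer            = if ($signer) { $signer.Subject } else { $null }
        Thumbprint        = if ($signer) { $signer.Thumbprint } else { $null }
        Sha256            = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        SignedByMicrosoft = $valid -and $msSubject
    }
}

# Check every copy of the KB4574727 package that Windows Update downloaded.
$download = Join-Path $env:windir 'SoftwareDistribution\Download'
Get-ChildItem -LiteralPath $download -Recurse -Filter 'Windows10.0-KB4574727-*.cab' -ErrorAction SilentlyContinue |
    ForEach-Object { Test-UpdatePackageSignature -Path $_.FullName } |
    Format-List
```

A package that does not report SignedByMicrosoft as True should not be excluded, and any exception is best limited to that one file and removed once the antivirus definitions are corrected.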

Other users have tried to download the update from the Microsoft Update Catalog and attempted a manual installation of the patch. However, given that Bitdefender issues the false positive when the installation is initiated (after the files have already been downloaded), this method doesn’t make any difference. So, as Techdows noted, the antivirus engine keeps blocking the installation even in the case of a manual download of the update.

It goes without saying that the update released by Microsoft is entirely clean and poses no risk for the Windows 10 devices where it’s downloaded. In other words, you can safely install it on your computer despite the Bitdefender warning as no Trojan horse is actually part of the installer.

Most likely, Bitdefender will update the virus definitions to remove the false positive that is displayed on devices where the update is offered on Windows Update and its antivirus engine is active. Once this antivirus update is installed, the warning should no longer show up.

In the meantime, the good news is that Windows 10 cumulative update KB4574727 appears to install correctly on the majority of devices. As Windows 10 users found out the hard way, the experience with cumulative updates is often a game of Russian roulette: even when Microsoft originally doesn’t acknowledge any issues, the updates end up wreaking havoc on devices.

Very often, these cumulative updates just fail to install, while in some cases they end up breaking certain features in the operating system. This is the reason some users just decide to push back the update process for as long as possible every month, even though this obviously isn’t recommended given critical security fixes are typically included.

Once KB4574727 is installed, the version number of Windows 10 version 1903 is bumped to 18362.1082, while Windows 10 version 1909 reaches build number 18363.1082.