Friday the 13th! You enter the office and your helpdesk tells you that the links for the Office applications disappeared from some users. As a proper SysAdmin (AKA BOFH), you dismiss the incident and continue with your planned tasks. After a while you get people calling you that I have no Outlook any more….help! You decide to investigate a bit more and you find out that the MS Defender ASR killed all the .lnk files.
Rule: Block Win32 API calls from Office macro
It seems that a signature update for MS Defender has created this mess and still no word from Microsoft.
Only solution for the moment is a workaround to disable the Block Win32 API calls from Office macro
Bulk sync all devices (maximum 100 per time and you need to select them one by one) and recreate the links or run the office repair
“C:\Program Files\Microsoft Office 15\ClientX64\OfficeClicktoRun.exe” scenario=Repair platform=x64 culture=en-us DisplayLevel=True
Thank you Microsoft, have a nice weekend!