Article last updated on the 15th of November, 2022.
If your organization has the Attack Surface Reduction feature enabled for Windows Defender, Windows Defender might detect various WorkPoint Express actions as false positives.
This means that some WorkPoint Express actions cannot be executed, because Windows Defender flags the application as potentially damaging software.
In the case of this event happening, Windows would send you the following notification:
Example messages when this issue occurs:
For information about what steps to take to resolve issues related to Attack Surface Reduction preventing WorkPoint Express from performing certain actions, please visit the following article: https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/attack-surface-reduction?view=o365-worldwide (External link)