Microsoft Defender is suspected of causing extremely high memory usage and black screen issues

Microsoft Defender for EndPoint is a batch security management solution provided by Microsoft for enterprise customers. Usually, enterprise IT administrators can directly view the security policies of intranet devices through endpoint protection, which is good security software for large enterprises. But if there is a problem, it may also affect the internal equipment use of a large number of enterprises. For example, the recent endpoint security protection is suspected to have a very high memory usage rate. Some corporate IT administrators have discussed the recent high memory usage and black screen problems in unofficial forums. Microsoft has not responded to this issue yet.

If the software normally has very low memory consumption, but suddenly the memory consumption is very high, it is very likely that there is a problem caused by a memory leak. Microsoft’s endpoint protection software has previously experienced memory leaks that cause high memory usage, but Microsoft has successfully solved the problem earlier. Unfortunately, now this problem seems to be back, no one knows how the solved problem has reappeared, however, it still seriously affects enterprise usage. Microsoft Defender for Endpoint is apparently causing a couple of major problems for some client systems on Windows 10 20H2.

In addition to the extremely high memory usage, administrators have observed the following issues:

  • Very high memory usage
  • Black screen issue after logging in (two minutes delay or more)
  • Word 2016 and newer fails to open or takes a very long time to open
  • Windows Event Viewer takes a long time to show events (both remote as well as local)
Disabling the anti-malware service MsMpEng.exe process currently seems to solve the problem for administrators, but the system is less secure after disabling it.

Via: Borncity