Potential false positive detection of Trojan:Script/Wacatac.H!ml by Windows Defender during installation of Docker Desktop v4.17.0 and v4.17.1

Windows Defender updates 1.385.1140.0 and 1.385.1170 are believed to be causing a false positive report of Trojan:Script/Wacatac.H!ml inside Docker Desktop on Windows. This occurs during installation, not during static file analysis. This affects Docker Desktop v4.17.0 and v4.17.1. We will continue to investigate and confirm the false positive. Our upcoming release for v4.18.0 is not affected. Read more in the GitHub Issue here: https://github.com/docker/for-win/issues/13335. The last version of Docker Desktop without the (assumed) false positive, v4.16.3, can be found here: https://docs.docker.com/desktop/release-notes/#4163.

We’ve had reports that Microsoft Defender updates v1.385.1188.0 and beyond have resolved assumed false positive reports of Trojan:Script/Wacatac.H!ml and Trojan:MSIL/Bladabindi!MTB on Docker Desktop v4.17.0 and v4.17.1 installations for many users. We are continuing to investigate prior user reports. Users are advised to update to the latest Microsoft Defender definitions (version 1.385.1188.0 or later). Users may report any issues still experienced after the update here: https://github.com/docker/for-win/issues/13335. Please let us know what version of Docker Desktop and Microsoft Defender "Virus & threat protection updates" you have when doing so; see "Protect your device with the latest updates" here to verify you are up-to-date: https://support.microsoft.com/en-us/windows/virus-threat-protection-in-windows-security-1362f4cd-d71a-b52a-0b66-c2820032b65e.