Fix: Desktop Shortcuts and Pinned App Icons not working on Windows 10/11

Many users are reporting issues with their desktop shortcuts and pinned icons, as they no longer seem to be functioning. When users click on the pinned icons, a pop-up message appears stating, This file does not have an app associated with it for performing this action. Please install an app or, if one is already installed, create an association in the Default Apps Settings page.

Desktop Shortcuts and Pinned App Icons not working on Windows 10/11
Desktop Shortcuts and Pinned App Icons not working on Windows 10/11

Investigation on this Issue

  • An update, KB5022282, was installed on 1/10/2023.
  • Microsoft Defender definitions were updated to version 1.1381.2140.0.
  • In the Event Viewer under the Windows Defender folder, an Event ID – 1121 was found.
    • The Event ID – 1121 suggests that Microsoft Defender Exploit Guard has blocked an operation not allowed by the IT administrator.

After confirmation with Microsoft, it was suggested that recent Microsoft Defender definitions might be the cause of this issue. Attempted to roll back the Microsoft Defender definitions using the following steps, but this did not resolve the issue.

Check Microsoft Defender Definitions Version

To check the version of Microsoft Defender definitions, please follow the steps below:

  • Go to Start🪟 -> Search for Windows Security.
  • Click on Settings⚙️ on the bottom left of the page.
  • Click on About link.
Check Microsoft Defender Definitions Version
Check Microsoft Defender Definitions Version

Fixes Tried So Far

We have applied below two fixes so far, but none have resolved this problem.

  1. We changed the ‘Block Win32 API calls from Office macros‘ policy in Attack Surface Reduction from ‘Block mode‘ to ‘Audit mode‘. Microsoft also recommended placing the ASR policy in audit mode. Please note that adjusting this setting in the ASR policy may take a couple of hours to propagate down to users’ devices.
Fixes Tried So Far
Fixes Tried So Far
  1. I rolled back the Defender definitions using the ‘MpCmdRun.exe -RemoveDefinitions‘ command.

If you wish to check or test the rollback of Microsoft Defender definitions on user’s devices, you can use the provided scripts. I have included both a batch file and a PowerShell file in the following sections of this blog post.

1. How to Roll back Microsoft Defender Definitions using Intune

Create a PowerShell script file and name it as you prefer, for example, ‘MP.ps1‘. Paste the following code into the script file:

Set-Location "C:\Program Files\Windows Defender"
.\mpcmdrun.exe -Removedefinitions
  • Log in to the Intune admin center.
  • Navigate to Devices -> Scripts.
  • Click ‘Add‘ and then upload the ‘MP.ps1‘ script. Assign it to a group that includes the relevant devices.
  • It is advisable to test on one or two devices before a broader rollout.

2. How to Roll back Microsoft Defender Definitions using a Batch file

You can also use a batch file I have tested to roll back Microsoft Defender definitions to the previous stable version. Copy the code below into a file with a .bat extension and run it from the command prompt as an administrator.

  • Navigate to Start 🪟, type ‘Run‘ to open a Run box.
  • Search for the Command Prompt app.
  • Right-click on the Command Prompt app and select ‘Run as administrator‘.
  • Paste the following lines of code directly into the Command Prompt, or you can copy the code into a .bat file and run the .bat file from the Command Prompt.
SET MPPATH="C:\Program Files\Windows Defender\"
START MpCmdRun.exe -RemoveDefinitions

Workaround I used

As desktop shortcuts and pinned items are currently not functioning, users can use a workaround by navigating to the installation folder of the applications and launching them directly from that location.

Most installed apps can be found in either C:\Program Files or C:\Program Files (x86). Simply search for the application folder and launch the application directly from that location until the original issue is resolved.”

Alternatively, you can launch all apps directly using the following steps:

  • Press Windows🪟 + R to open the Run dialog box.
  • Type the desired command to open the apps directly. For instance, to launch Outlook, type ‘outlook‘ in the Run box and press Enter.
Workaround I used

Similarly, for other apps, you can type the following keywords in the Run box to open them directly:

  • Word Application: winword
  • Excel Application: excel
  • OneNote: onenote
  • Google Chrome: chrome
App NameLocation
Office 365 AppC:\Program Files\Microsoft Office\root\Office16

Search for excel.exe for Excel App
Search for winword.exe for Word App
Search for Powerpnt.exe for Powerpoint app
Search for Outlook.exe for Outlook App
Zoom AppC:\Program Files\Zoom\bin\Zoom.exe
Microsoft EdgeC:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe

Or C:\Program Files\Microsoft\Edge\Application\msedge.exe

Status of Permanent Fix

I checked with Microsoft to find a permanent fix for this issue. It appears that many organizations are experiencing the same problem, and Microsoft is actively working to provide a permanent solution.

You can check the status of this issue from the Microsoft 365 admin center:

  • Log in to the Microsoft 365 admin center.
  • Navigate to Health > Service Health.
  • Look for Incident number SI MO497128 and monitor updates on this issue.
Status of Permanent Fix
Status of Permanent Fix

Creating Desktop Shortcuts on User Devices

You can either use a batch script and deploy it on a user’s device via Active Directory Group Policy. Alternatively, if you are using Intune, you can create a script and deploy it using Intune.

Please follow the blog post below, which provides more information on how you can easily create desktop shortcuts on users’ devices.

How To Create A Desktop Shortcut Using Intune


As a permanent fix for this issue is not available yet, you can use the provided workaround to ensure users can continue using applications without interruption. Microsoft is actively working on resolving this issue, and updates are expected soon. Monitor the status of this issue through the Microsoft 365 admin center or the MSFT365Status Twitter page.

Leave a Comment

Discover more from TechPress

Subscribe now to keep reading and get access to the full archive.

Continue reading