https://www.bleepingcomputer.com/news/security/microsoft-defender-tags-office-updates-as-ransomware-activity/

Windows admins were hit today by a wave of Microsoft Defender for Endpoint false positives where Office updates were tagged as malicious in alerts pointing to ransomware behavior detected on their systems.

According to Windows system admins reports [1, 2, 3, 4], this started happening several hours ago and, in some cases, it led to a "downpour of ransomware alerts."