Lmst

RT by @SwiftOnSecurity: Defender AV Platform v4.18.25070.5

◽Enhanced Passive Mode Scanning Behavior ◽Improved Tamper Protection Handling ◽Digital Signature Verification Performance Boost ◽Refined ASR Rule Exclusion Processing

#MDAV #MDE #ASR

🐦🔗: https://nitter.oksocial.net/fabian_bader/status/1955339624777228540#m

[2025/08/12 18:44]

Defender AV Platform v4.18.25070.5

◽Enhanced Passive Mode Scanning Behavior
◽Improved Tamper Protection Handling
◽Digital Signature Verification Performance Boost
◽Refined ASR Rule Exclusion Processing

#MDAV #MDE #ASR

Microsoft Defender for Endpoint news

▫️MacOS support isolation (Preview)
▫️MacOS and Linus support on demand AV scanning (Preview)
▫️Manage all your #MDE #MDAV client settings directly from the portal without hybrid join 🎉

https://learn.microsoft.com/en-us/microsoft-365/security/defender-endpoint/whats-new-in-microsoft-defender-endpoint?WT.mc_id=AZ-MVP-5004810#july-2023

As of 07.03.2023 (Release of signature 1.383.1159.0) tamper protection is no longer enforcing "Allow Scanning Network Files".

If you still want this to be enabled, make sure your Intune or GPO configuration has this value set.

#MDAV #MDE #M365D #TamperProtection

As of signature release 1.383.1159.0, due to confusion around the default value for "Allow Scanning Network Files", tamper protection no longer locks this setting to its default value. In managed environments, the default value is enabled.

Easy script to update AV exclusions on #Exchange 2019 #MDAV #MDE
https://github.com/0x3e4/PowerShell/blob/main/Exchange/Get-Exchange2019AVExclusions/Get-Exchange2019AVExclusions.ps1

Update on the #Exchange Server Antivirus Exclusions

Microsoft finally removed the recommendation to exclude PowerShell.exe and w3wp.exe and two others from the official documentation

#MDAV #MDE

https://techcommunity.microsoft.com/t5/exchange-team-blog/update-on-the-exchange-server-antivirus-exclusions/ba-p/3751464?WT.mc_id=AZ-MVP-5004810

100% pure cloud based management of #MDE devices is coming closer.

See the latest Microsoft blog "Push ASR rules with Security Settings Management on Microsoft Defender for Endpoint managed devices"

#ASR #MDAV

https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/push-asr-rules-with-security-settings-management-on-microsoft/ba-p/3635129?WT.mc_id=AZ-MVP-5004810

Just published a small update to my "The Hitchhiker's Guide to Microsoft Defender for Endpoint exclusions" post, adding information on the new tamper protection capabilties for custom exclusions.

#MDAV #MDE #Exclusions #tamperprotection

https://cloudbrothers.info/en/guide-to-defender-exclusions/

Version 1.1 of the Microsoft LNK recovery script with added support to restore from the Volume Shadow Copy Service released

#ASRmagedon #MDE #MDAV

https://github.com/microsoft/MDE-PowerBI-Templates/blob/master/ASR_scripts/AddShortcuts.ps1

My blog post from July last year became more relevant since last Friday then I had hoped.

But now is a good time to think about using the gradual rollout process for Microsoft Defender updates.

#M365D #MDAV #MDE #ASRmagedon

https://cloudbrothers.info/en/gradual-rollout-process-microsoft-defender/

🤩 When you use #Intune to manage your clients, tamper protection now also prevents changes to local admin merge of exclusion, which results in tamper protected exclusions 🛡️

‼️#MDAV version 4.18.2111+ is required.

#MDE #Security

https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/introducing-tamper-protection-for-exclusions/ba-p/3713761?WT.mc_id=AZ-MVP-5004810

🛡️ The Hitchhiker's Guide to Microsoft Defender for Endpoint exclusions

In this comprehensive guide I explain all available Defender for Endpoint exclusions, how they interact and which ones to use and which to avoid.

If you haven't already check it out, now is a great time.

#MDE #MDAV #Exclusion #Defender #DefenderForEndpoint #Security #AV

https://cloudbrothers.info/en/guide-to-defender-exclusions/