Reminder – Enhanced antimalware Engine capabilities for Linux: Validate to ensure continued protection

This post is a reminder about the enhanced anti-malware engine capabilities for Linux and macOS that have been gradually rolled out by Microsoft. The post states that the new engine has been deployed successfully across thousands of systems. To ensure continued protection, it is important to verify that you are running the enhanced engine which can be done by checking the engine version from the output of "mdatp health". In addition, organizations need to configure their network/proxy/internet settings to allow connections between their endpoints and certain Microsoft URLs. More information about allowing-listing these URLs is available in the blog post and documentation provided by Microsoft.

The timeline and version requirements for this transition have also been provided in this post. Microsoft began rolling out the enhanced anti-malware engine in June and it is scheduled to complete by the last week of September. The minimum Microsoft Defender for Endpoint version number must be 101.62.64 Feb 2022 build to enable a smooth transition. However, it is recommended to upgrade to the latest version available at the point in time for the most updated capabilities. Finally, it is important to note that organizations that do not allow-list access to the mentioned URLs will be unable to download threat definition updates required for effective anti-malware protection.

So, if you are using Microsoft Defender Antivirus on Linux and macOS, it is recommended to check if your system is running the enhanced anti-malware engine and allow-list the necessary URLs to ensure uninterrupted protection. Note that no action is required if the necessary steps have already been taken based on the previous communications from Microsoft.

The post Reminder – Enhanced antimalware Engine capabilities for Linux: Validate to ensure continued protection originally appeared on M365 Admin.