Latest Microsoft Defender news

Windows SmartScreen flaw exploited to drop Phemedrone malware

A Phemedrone information-stealing malware campaign exploits a Microsoft Defender SmartScreen vulnerability (CVE-2023-36025) to bypass Windows security prompts when opening URL files.
- Bill Toulas
- January 15, 2024
- 01:32 PM
- 0
Microsoft deprecates Defender Application Guard for some Edge users

Microsoft is deprecating Defender Application Guard (including the Windows Isolated App Launcher APIs) for Edge for Business users.
- Sergiu Gatlan
- December 21, 2023
- 01:10 PM
- 0
Microsoft deprecates Defender Application Guard for Office

Microsoft is deprecating Defender Application Guard for Office and the Windows Security Isolation APIs, and it recommends Defender for Endpoint attack surface reduction rules, Protected View, and Windows Defender Application Control as an alternative.
- Sergiu Gatlan
- November 27, 2023
- 04:00 PM
- 0
Microsoft launches Defender Bounty Program with $20,000 rewards

Microsoft has unveiled a new bug bounty program aimed at the Microsoft Defender security platform, with rewards between $500 and $20,000.
- Sergiu Gatlan
- November 21, 2023
- 02:13 PM
- 0
Microsoft enhances Windows 11 Phishing Protection with new features

Microsoft is further enhancing the Windows 11 Enhanced Phishing Protection by testing a new feature that warns users when they copy and paste their Windows password into websites and documents.
- Lawrence Abrams
- July 23, 2023
- 01:02 PM
- 0
Microsoft Defender Antivirus gets ‘performance mode’ for Dev Drives

Microsoft has introduced a new Microsoft Defender capability named "performance mode" for developers on Windows 11, tuned to reduce the impact of antivirus scans when analyzing files stored on Dev Drives.
- Sergiu Gatlan
- May 26, 2023
- 03:42 PM
- 0
Microsoft Defender update causes Windows Hardware Stack Protection mess

In a confusing mess, a recent Microsoft Defender update rolled out a new security feature called 'Kernel-mode Hardware-enforced Stack Protection,' while removing the LSA protection feature. Unfortunately, Microsoft has not provided any documentation on this change, leading to more questions than answers.
- Lawrence Abrams
- April 19, 2023
- 05:57 PM
- 1
Microsoft Defender mistakenly tagging URLs as malicious

Microsoft Defender is mistakenly flagging legitimate links as malicious, with some customers having already received dozens of alert emails since the issues began over five hours ago.
- Sergiu Gatlan
- March 29, 2023
- 11:38 AM
- 1
Microsoft Defender app now force-installed for Microsoft 365 users

Microsoft is now force-installing the Microsoft Defender for Individuals application when installing or updating the Microsoft 365 apps.
- Sergiu Gatlan
- February 27, 2023
- 04:45 PM
- 6
Microsoft Defender can now isolate compromised Linux endpoints

Microsoft announced today that it added device isolation support via Microsoft Defender for Endpoint (MDE) on onboarded Linux devices.
- Sergiu Gatlan
- January 31, 2023
- 03:14 AM
- 0
Microsoft script recreates shortcuts deleted by bad Defender ASR rule

Microsoft released advanced hunting queries (AHQs) and a PowerShell script to find and recover some of the Windows application shortcuts deleted Friday morning by a buggy Microsoft Defender ASR rule.
- Lawrence Abrams
- January 15, 2023
- 02:07 PM
- 0
Buggy Microsoft Defender ASR rule deletes Windows app shortcuts

Microsoft has addressed a false positive triggered by a buggy Microsoft Defender ASR rule that would delete application shortcuts from the desktop, the Start menu, and the taskbar and, in some cases, render existing shortcuts unusable as they would no longer launch the linked apps.
- Sergiu Gatlan
- January 13, 2023
- 10:20 AM
- 7
Google discovers Windows exploit framework used to deploy spyware

Google's Threat Analysis Group (TAG) has linked an exploit framework that targets now-patched vulnerabilities in the Chrome and Firefox web browsers and the Microsoft Defender security app to a Spanish software company.
- Sergiu Gatlan
- November 30, 2022
- 12:00 PM
- 2
Microsoft Defender boosts default protection for all enterprise users

Microsoft announced that built-in protection is generally available for all devices onboarded to Defender for Endpoint, the company's endpoint security platform.
- Sergiu Gatlan
- November 29, 2022
- 09:59 AM
- 1
Microsoft Defender network protection generally available on iOS, Android

Microsoft announced that the Mobile Network Protection feature is generally available to help organizations detect network weaknesses affecting Android and iOS devices running Microsoft's Defender for Endpoint (MDE) enterprise endpoint security platform.
- Sergiu Gatlan
- November 11, 2022
- 03:01 PM
- 2
Microsoft Defender adds command and control traffic detection

Microsoft has added command-and-control (C2) traffic detection capabilities to its Microsoft Defender for Endpoint (MDE) enterprise endpoint security platform.
- Sergiu Gatlan
- October 12, 2022
- 12:32 PM
- 1
Microsoft Defender falsely detects Win32/Hive.ZY in Google Chrome, Electron apps

A bad Microsoft Defender signature update mistakenly detects Google Chrome, Microsoft Edge, Discord, and other Electron apps as 'Win32/Hive.ZY' each time the apps are opened in Windows.
- Lawrence Abrams
- September 04, 2022
- 11:30 AM
- 11
Microsoft Defender now better at blocking ransomware on Windows 11

Microsoft has released new Windows 11 builds to the Beta Channel with improved Microsoft Defender for Endpoint ransomware attack blocking capabilities.
- Sergiu Gatlan
- August 02, 2022
- 03:13 PM
- 0
Microsoft announces new external attack surface audit tool

Microsoft has announced a new security product allowing security teams to spot Internet-exposed resources in their organization's environment that attackers could use to breach their networks.
- Sergiu Gatlan
- August 02, 2022
- 09:00 AM
- 0
Microsoft Defender Experts for Hunting now generally available

Microsoft Defender Experts for Hunting, a new managed security service for Microsoft 365 Defender customers, is now generally available.
- Sergiu Gatlan
- August 01, 2022
- 02:32 PM
- 0