Microsoft Defender Antivirus security intelligence and product updates - Microsoft De

[harlan4096]

Microsoft Defender Antivirus security intelligence and product updates - Microsoft Defender for Endpoint

January-2025 (Platform: 4.18.25010.xxxx | Engine: 1.1.25010.7)

Security intelligence update version: 1.423.21.0
Release date: February 20, 2025 (Engine) / TBD (Platform)
Platform: 4.18.225010.xxxx (Platform release is pending)
Engine: 1.1.25010.7
Support phase: Security and Critical Updates

What's new

Improved handling of attack surface reduction rule exclusions.
Improved AMSI scan performance with changes to exclusion handling.
Fixed Controlled Folder Access (CFA) protection for OneDrive when backup is enabled.
Fixed performance issues with full scans when initiated from the Microsoft Defender portal.
Fixed ASR warn mode processing for containerized objects (such as Office files) when the unblock option is selected.
Fixed ASR warn mode processing when exclusions are applied.
Fixed performance handling with file transfers having Mark of the Web (MoTW) set.
Implemented AzureAd cache to handle offline environments with device control.
Resolved an issue with TrustLabelProtectionStatus being reset after a Microsoft Defender platform update.
Resolved an issue with tamper protection for exclusions where an exclusion policy was handled by System Center Configuration Manager.
Fixed issue with device control auditing of removable media.
Fixed issue with MDM policy management on Azure Virtual Desktop.
Added support for wildcards in tamper protection trusted process.
Improved device control policy enforcement in offline environments.