Microsoft Defender for Endpoint on Linux and MacOS – Mandatory Update to ‘Required’ URLs List
We recently announced the general availability and gradual roll-out of our enhanced anti-malware engine for Linux and macOS.
Note: If your organization is not using Linux or macOS you can safely disregard this message.
When this will happen:
Starting July 31, 2022, access to certain Microsoft URLs will be *required* to ensure uninterrupted cloud-delivered protection on your Linux and macOS systems behind a proxy.
How this will affect your organization:
Organizations that have not allow-listed access to the below mentioned URLs by July 31, 2022 will be unable to download threat definition updates required for effective anti-malware protection.
What you need to do to prepare:
To ensure Microsoft Defender Antivirus cloud-delivered protection works correctly, your security/IT team must configure your network/proxy/internet settings to allow connections between your endpoints and certain Microsoft URLs. To support the new Microsoft Defender for Endpoint on Linux and macOS anti-malware engine enhancements, you must allow-list within the proxy ecosystem in your environment the following URL endpoints:
- go.microsoft.com
- definitionupdates.microsoft.com
- https://www.microsoft.com/security/encyclopedia/adlpackages.aspx
- *.wdcp.microsoft.com
- *.wd.microsoft.com
Version Requirements: Minimum version requirements to enable a smooth transition:
- The minimum Microsoft Defender for Endpoint version number must be 101.62.64 Feb 2022 build
- Soon after migration begins, versions older than 101.62.64 will stop getting protection updates
Note: Additionally, to support definitions storage in non-standard locations (outside of /var) for definition updates please ensure that you are at version 101.71.18.
Additional information is available in our documentation and also on our blog.
Message ID: MC399488
No comments yet