Updated Microsoft Defender Antivirus AVSignatureDue policy limit

Originally posted by Microsoft Sep 12, 2025 Uncategorized 0 Comments

Starting September 2025, Microsoft Defender Antivirus will require the AVSignatureDue policy minimum to be 2 days (up from 1 day) to prevent false alerts. Organizations with settings below 2 days should update their configuration before rollout completes in mid-October 2025.

Introduction

To improve the accuracy of signature age alerts in Microsoft Defender Antivirus, we’re updating the minimum supported value for the AVSignatureDue policy. Previously, this setting could be configured to as low as one day, which led to misleading alerts due to timing misalignment between signature updates and checks. Starting in September 2025, the minimum value will be set to 2 days.

When this will happen

General Availability (Worldwide): Rollout will begin in late September 2025 and is expected to complete by mid-October 2025.

How this affects your organization

This change will only affect organizations that have configured the AVSignatureDue policy to a value less than 2 days. After this update, any value below 2 days will no longer be supported. This adjustment helps prevent false alerts indicating outdated signatures when updates have already been applied.

What you can do to prepare

If your organization has set the AVSignatureDue policy to less than 2 days, update the configuration to 2 days or higher to ensure continued policy compliance and accurate alerting.

Learn more: Microsoft Defender Antivirus policy documentation.

Compliance considerations

Message ID: MC1151677

Comments are closed.

Joao Ferreira

I've been working with Microsoft Technologies over the last ten years, mainly focused on creating collaboration and productivity solutions that drive the adoption of Microsoft Modern Workplace.

%d bloggers like this: