Updates Microsoft Defender ATP now warns of jailbroken iPhones, iPads

SeriousHoax

Level 36
Verified
Mar 16, 2019
2,576
Microsoft has added support for detecting jailbroken iOS devices to Microsoft Defender for Endpoint, the enterprise version of its Windows 10 Defender antivirus.

The new detection capability now available in the enterprise endpoint security platform (previously known as Microsoft Defender Advanced Threat Protection) will warn security teams of both managed and unmanaged jailbroken iPhones and iPads on their network.

"If it's detected that a device is jailbroken, an alert is surfaced to the security team in Microsoft 365 Defender," Microsoft Senior Program Manager Shravan Thota explained.

"The device will then be considered as a high-risk device and this risk score is shared with your app protection or device compliance policies so that you can block it from accessing corporate resources."

By jailbreaking iOS devices, users gain complete write and execution access by elevating their permissions to root, thus removing all restrictions imposed by Apple on installing applications and customizing the OS behavior.

Since there are no restrictions in place, they can later install potentially malicious applications and, by avoiding updating the device to maintain their root access, they will also expose themselves to attacks by skipping on likely critical security updates.

"These kinds of devices introduce additional risk and a higher probability of a breach to your organization," Thota added.

Microsoft Defender for Endpoint iOS jailbreak alert

With this update,............
Read the full article here
 
Top