New Update Security Intelligence Updates in Microsoft Defender (Threat Detection Changelog)

Fel Grossi

Level 13
Verified
Top Poster
Well-known
Jan 17, 2014
627

July-2024 (Platform: 4.18.24070.5 | Engine: 1.1.24070.3)​

  • Security intelligence update version: 1.417.14.0
  • Release date: August 7, 2024 (Engine and Platform)
  • Platform: 4.18.24070.5
  • Engine: 1.1.24070.3
  • Support phase: Security and Critical Updates

What's new​

  • False positive detections are no longer reported as ThreatNotFound in the Microsoft Defender portal.
  • Optimized Network Protection calls to the backend that occur as a result of suspicious connection checks.
  • Fixed the PerformanceModeStatus configuration key in Defender CSP so changing this value in the console takes effect on the endpoint.
  • Resolved an issue where File Evidence Location was not always captured in scenarios where the Remote Location is inaccessible.
  • New event log added (5016) to report Microsoft Defender Antivirus self-healed when a deadlock is detected during shutdown.
  • Fixed a prioritization issue with full scans initiated from the portal that resulted in longer than expected full scan duration.
 

SeriousHoax

Level 49
Verified
Top Poster
Well-known
Mar 16, 2019
3,833
Regarding Micrsoft Defender, last year and years before that they were fixing reported false positives within 24 hours in most cases, even on weekends. But now they seem to ignore all user submissions. I submitted a false positive last month which was never checked. At the start of this month also sent a false positive which hasn't been checked yet and the submission records are removed after 30 days. Very disappointing.
I also had a false positive from the Ransomware ASR rule. To report ASR rules related FPs you have to be an enterprise customer.
 

oldschool

Level 84
Verified
Top Poster
Well-known
Mar 29, 2018
7,511
Microsoft Defender Antivirus security intelligence and product updates - Microsoft Defender for Endpoint

August-2024 (Platform: 4.18.24080.9 | Engine: 1.1.24080.9)​

  • Security intelligence update version: 1.419.1.0
  • Release date: September 17, 2024 (Engine and Platform)
  • Platform: 4.18.24080.9
  • Engine: 1.1.24080.9
  • Support phase: Security and Critical Updates

What's new​

  • Added a new parameter to get-mppreference cmdlet (ControlledFolderAccessDefaultProtectedFolders) to show default protected folders for Controlled Folder Access (CFA).
  • Fixed an issue with Device Control regarding printer security checks.
  • Resolved an issue with platform rollback after an upgrade from Windows 10 to 11.
  • Fixed an issue where volume exclusions weren't properly enforced in real-time protection after the completion of OOBE.
  • Removed support for Windows RT devices, for example, Surface RT, that use 32-bit ARM processors and have reached their end-of-servicing date.
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top