New Update Security Intelligence Updates in Microsoft Defender (Threat Detection Changelog)

simmerskool · Mar 14, 2025

oldschool said:
W11 Pro. Enable beta channel via GPO or Powershell command.

"stuck" with win10 unless I buy some hardware. thanks!

oldschool · Mar 14, 2025

simmerskool said:
"stuck" with win10 unless I buy some hardware. thanks!

You can still enable the Beta channel.

oldschool · Mar 18, 2025

Beta channel update

Antimalware Client Version: 4.18.25030.2

oldschool · Apr 2, 2025

Microsoft Defender Antivirus security intelligence and product updates - Microsoft Defender for Endpoint

March-2025 (Engine 1.1.25030.1)

Security intelligence update version: 1.427.3.0
Release date: April 1, 2025 (Engine only)
Platform: 4.18.25020.1009
Engine: 1.1.25030.1
Support phase: Security and Critical Updates

What's new

Product improvements

Fel Grossi · Apr 10, 2025

Microsoft Defender Antivirus security intelligence and product updates - Microsoft Defender for Endpoint

Manage how Microsoft Defender Antivirus receives protection and product updates.

learn.microsoft.com

March-2025 (Platform: 4.18.25030.2 | Engine 1.1.25030.1)

Security intelligence update version: 1.427.3.0

Release date: April 1, 2025 (Engine) / April 9, 2025 (Platform)

Platform: 4.18.25030.2

Engine: 1.1.25030.1

Support phase: Security and Critical Updates

What's new

Improved caching of device control settings to improve reliability in occasionally connected environments.

Performance improvement in on-access scans of files in network locations.

Fixed the Defender service description to match the latest installed version.

Improved Defender engine update logic when the update is included in a custom image.

Fix in health reporting where signature update data might have been incorrect.

Fixed reporting issue with controlled folder access (CFA) protected folders using the PowerShell cmdlet Get-MpPreference when CFA is disabled.

Improved performance when scanning UPX-packed files (Ultimate Packer for eXecutables) and updated the validation process to verify the integrity of the packed file itself.

Added support for distinguishing regular cloud allow signatures from clean Indicators of Compromise (IoC) in attack surface reduction (ASR).

oldschool · Apr 23, 2025

Beta channel update to

Engine Version: 1.1.25040.1

TairikuOkami · Apr 24, 2025

4.18.25040.2

Code:

https://download.windowsupdate.com/c/msdownload/update/software/defu/2025/04/updateplatform.amd64fre_8ed5fc344b6f5d307f0dec682298e9a2d8469e9f.exe

oldschool · May 1, 2025

TairikuOkami said:

Yes, that's the latest platform version I show on beta channel. AFAIK the stable channel hasn't caught up, at least according to release notes.
Microsoft Defender Antivirus security intelligence and product updates - Microsoft Defender for Endpoint

oldschool · May 15, 2025

April-2025 (Platform: TBD | Engine: 1.1.25040.1)

Security intelligence update version: 1.429.3.0

Release date: May 14, 2025 (Engine) / (Platform pending)

Platform: (coming soon)

Engine: 1.1.25040.1

Support phase: Security and Critical Updates

What's new

Fixed TVM Block where we failed to block a trusted file

Fixed Microsoft Defender platform update timestamp to reflect the actual update time.

The 1002 event (An anti-malware scan was stopped before it finished) now includes details of the stop reason.

Added more details to the 1000 event (Scan started), like scan trigger and scan on idle.

Improved ASR file processing to correctly handle "allow" Indicators of Compromise (IoCs).

Improvement in health reporting for machines that are rebooted or hibernated.

Improved performance for Smart App Control (SAC) trusted file handling.

Improved device control logic for offline printers.

Microsoft Defender Antivirus security intelligence and product updates - Microsoft Defender for Endpoint

oldschool · May 15, 2025

Beta Engine Version: 1.1.25050.2

Parkinsond · May 15, 2025

oldschool said:
April-2025 (Platform: TBD | Engine: 1.1.25040.1)

Microsoft Defender Antivirus security intelligence and product updates - Microsoft Defender for Endpoint

In events log, I found SAC blocking some Windows dll files!

oldschool · May 15, 2025

Parkinsond said:
In events log, I found SAC blocking some Windows dll files!

Indeed, SAC will block some MS stuff, but they are usually (?) harmless. They're famous for using unsigned dlls. Hey, it's their OS, they can do what they want.

Parkinsond · May 15, 2025

oldschool said:
Indeed, SAC will block some MS stuff, but they are usually (?) harmless. They're famous for using unsigned dlls. Hey, it's their OS, they can do what they want.

friendly fire

oldschool · Friday at 1:01 PM

Beta Platform updated to Antimalware Client Version: 4.18.25050.2

Search

New Update Security Intelligence Updates in Microsoft Defender (Threat Detection Changelog)

simmerskool

Level 42

oldschool

Level 85

oldschool

Level 85

oldschool

Level 85

Fel Grossi

Level 13

Microsoft Defender Antivirus security intelligence and product updates - Microsoft Defender for Endpoint

March-2025 (Platform: 4.18.25030.2 | Engine 1.1.25030.1)

What's new

oldschool

Level 85

TairikuOkami

Level 38

oldschool

Level 85

oldschool

Level 85

What's new

oldschool

Level 85

Parkinsond

Level 8

oldschool

Level 85

Parkinsond

Level 8

oldschool

Level 85

Similar threads

New Update Security Intelligence Updates in Microsoft Defender (Threat Detection Changelog)

Level 42

Level 85

Level 85

Level 85

Level 13

March-2025 (Platform: 4.18.25030.2 | Engine 1.1.25030.1)​

What's new​

Level 85

Level 38

Level 85

Level 85

What's new​

Level 85

Level 8

Level 85

Level 8

Level 85

Similar threads

March-2025 (Platform: 4.18.25030.2 | Engine 1.1.25030.1)

What's new

What's new