
Microsoft Unveils New Antimalware Engine Capabilities for Linux and macOS

Microsoft's new antimalware engine for Linux and macOS will help protect devices or endpoints within organizations.

April 27, 2022 TD Staff

Microsoft announced an upgrade to its next generation of protection on Linux and macOS with a new Microsoft Defender Antivirus malware engine. The new antimalware engine brings machine learning, big-data analysis, in-depth threat research, and the Microsoft cloud infrastructure to protect devices (or endpoints) within organizations.

The new antimalware engine in Microsoft Defender is currently in public preview mode. After the public preview phase, general availability will gradually roll out to all devices.

In a Tech Community blog, Microsoft says users can expect the following:

  • Better support for protection against known and unknown malware with client-side machine-learning models, heuristics, and correlation between static signals.
  • Enhanced cloud-delivered protection with support for metadata-based machine-learning models, file classifications and reputation-based machine-learning models, and more.
  • Emergency security intelligence updates are now available through cloud-delivered protection that can help protect against malware outbreaks.
  • Better support for false positive and false negative prevention.
  • Threat naming and definition version nomenclature will change for the purpose of consistency across all platforms and aligning to our overall naming conventions. For more information about how Microsoft names malware, see Malware names | Microsoft Docs.
  • Reduced memory and CPU footprints.
  • Improved behavior monitoring with lower resource consumption is now available to all our customers as a configurable component for Linux (if enabled).
  • Memory scanning, providing better coverage for fileless attacks (Linux).
  • Reduced overall package size, significantly reduced security intelligence update download sizes.
  • Custom file indicators are now available with “audit”, “allow”, “block & remediate” action. The certificate indicator type will be added at a later date.

The prerequisites for the new Microsoft Defender antimalware engine are the following:

  1. Preview features must be enabled on your tenant. See Turn on preview features for more information.
  2. The device must be in the insiders-fast or insiders-slow channel on Linux, Beta or Preview on macOS.
  3. If your organization has preview features enabled in your tenant, please ensure that machines participating in these channels are always on the latest version to take the latest fixes and improvements.
  4. The minimum Microsoft Defender for Endpoint version number must be 101.56.62 and for down-level servers (RHEL 6.x and CentOS 6.x) it must be 101.62.64.
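
As an added example (not from Microsoft or the original article), the script below checks a device inventory against the channel and minimum-version prerequisites listed above. The inventory rows and their field layout are constructed, and it assumes channel names are recorded exactly as written in the list.

```shell
#!/bin/sh
# Added example: preflight check against the prerequisites listed above.

# version_ge A B: succeeds when dotted version A >= B, compared numerically
# field by field (so 101.100.1 is newer than 101.56.62).
version_ge() {
    a=$1; b=$2
    while [ -n "$a" ] || [ -n "$b" ]; do
        x=${a%%.*}; y=${b%%.*}
        if [ "${x:-0}" -gt "${y:-0}" ]; then return 0; fi
        if [ "${x:-0}" -lt "${y:-0}" ]; then return 1; fi
        case $a in *.*) a=${a#*.} ;; *) a= ;; esac
        case $b in *.*) b=${b#*.} ;; *) b= ;; esac
    done
    return 0
}

# check_device OS OS_VERSION CHANNEL MDE_VERSION: prints "eligible" or the reason.
check_device() {
    os=$1; os_version=$2; channel=$3; mde=$4
    min=101.56.62; want="insiders-fast insiders-slow"      # Linux defaults
    case $os in
        macos) want="Beta Preview" ;;
        rhel|centos)    # down-level servers (6.x) need the higher minimum
            case $os_version in 6|6.*) min=101.62.64 ;; esac ;;
    esac
    ok=no
    for c in $want; do
        if [ "$c" = "$channel" ]; then ok=yes; fi
    done
    if [ "$ok" = no ]; then echo "channel '$channel' is not a preview channel"; return 1; fi
    if ! version_ge "$mde" "$min"; then echo "version $mde is below minimum $min"; return 1; fi
    echo eligible
}

# report: reads host|os|os_version|channel|mde_version rows on stdin.
report() {
    while IFS='|' read -r host os_name os_ver chan ver; do
        if result=$(check_device "$os_name" "$os_ver" "$chan" "$ver"); then status=OK; else status=SKIP; fi
        printf '%-6s %-4s %s\n' "$host" "$status" "$result"
    done
}

# Constructed sample inventory (hosts and versions are made up).
report <<'EOF'
web01|ubuntu|20.04|insiders-fast|101.56.62
db01|rhel|6.10|insiders-slow|101.56.62
db02|centos|6.9|insiders-slow|101.62.64
mac07|macos|12.3|Beta|101.60.91
app03|rhel|8.5|prod|101.62.64
EOF
```
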

Another key feature of the new antimalware engine is the ability to create custom file indicators, which some users may already have experience with on Windows. The three indicator response actions are ‘allow’, ‘alert only’, and ‘alert and block’. The actions are now supported on macOS and Linux.

Microsoft also notes that warn and block indicator types are currently not supported for Linux & macOS, as visually indicated in the Microsoft 365 Defender portal. Microsoft adds, “If you have previously created non-scoped custom file indicators (targeted to all devices) in your environment, the indicators will also start applying to any device that is running the new antimalware engine.”

For more information, visit Microsoft’s Tech Community blog.
