The deadline is fast approaching -- we mentioned in a previous blog that any customers running Microsoft Defender for Endpoint on Windows 7 or Windows Server 2008 R2 must take the following actions or their agents will stop sending data:
Before November 2, 2020, do the following:
- Install the SHA-2 signing Windows updates as described in https://support.microsoft.com/help/4472027/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus
- Update to the latest version of the Log Analytics Windows agent (https://go.microsoft.com/fwlink/?LinkId=828603 or https://go.microsoft.com/fwlink/?LinkId=828604)
You can find the relevant devices in your environment using an advanced hunting query. You can use the following that is available on GitHub: https://github.com/anthonws/MTPAHQueries/blob/master/Log_Analytics_Agent_SHA2_Support.txt
Learn more information about SHA-2 signing enforcement in the https://docs.microsoft.com/en-us/azure/azure-monitor/platform/log-analytics-agent#sha-2-code-signing-support-requirement-for-windows.
For any other questions, please feel free to reach out Microsoft Defender for Endpoint Support.
Thank you,
The Microsoft Defender for Endpoint team
