Forum Discussion
Remove a wiped device from Defender For Endpoint isolation
Scenario A user's device had downloaded and executed malware, just prior to going to lunch. As we were unable to contact the user, we isolated the device via Defender For Endpoint. After ana...
What you describe does seem unexpected, but regarding the errors: this is a Windows cmd script, not a powershell script, try running it in a classic Command Prompt window aka cmd.exe.
- Thanks, I wasn't the user who ran the script but yeah PS was used!
How do other organisations handle isolations - particularly when you want to reimage the device to remediate risk of malware?
