Forum Discussion
CodnChips
May 12, 2022Brass Contributor
When is malware not malware?
My 365 Defender Dashboard has populated the "Devices with active Malware" tile, with 1 affected device, I view the details, locate the device and check on the device page. The risk level has ...
Paul_Huijbregts
May 27, 2022Microsoft
Speculative answer: that card takes data from Intune, which collects its own malware detection data from devices. It is possible the device got cleaned by MDAV before enrollment into MDE so no AV events were captured at the time the malware was encountered, or some other mismatch exists due to timing (machine got onboarded again, machine was wiped in between, etc).
Suggest running an AV scan just to confirm.