Forum Discussion
telemetryd_v2 High CPU in macOS
I've been seeing this process have consistently high CPU use. According to Activity Monitor, it's a child process of wdavdaemon_enterprise. I tried disabling realtime protection, but that did not decrease the CPU use. The other notable change that I can think of is that I downloaded the Chromium codebase yesterday and built it, so I'm wondering if that's causing the cloud submission process to go crazy. I looked at https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/mac-support-perf?view=o365-worldwide, but it only discusses realtime scanning.
Can anyone provide insight on what this specific process is responsible for? Thanks.
8 Replies
I am also dealing with excessive CPU usage, which causes my MacBook to run hot during use. Despite using an M4 MacBook Pro with 24GB of memory, the problem persists. It’s wired that this is still happening in 2026.
JacobJiangMicrosoft
can't believe it's old thread and still occuring
- Thanks all for the replies. I think this must've been an issue with that particular build of MDE. I haven't seen the issue reoccur since my original post.
- Try turning off device discovery.
- lmasieri
I'm seeing the same on my Macbook
yongrheemsftDK1 and @Imasieri, I was not able to find any open support cases with the telemetry_v2 process running high cpu.
Step 1) Please make sure that you are able to reproduce in the latest MDE for macOS. For the latest version, please review: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/mac-whatsnew?view=o365-worldwide
Step 2) Try going thru the steps here: https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/mac-support-perf?view=o365-worldwide
If the problem still occurs:
Step 3) Collect a diagnostic log, by downloading and running aka.ms/xMDEClientAnalyzerBinary
Step 4) Contact your helpdesk/fieldtech, or the Sec Admin that has access to security.microsoft.com, and ask them to open a Microsoft CSS Support ticket.
Thank you,
Yong Rhee [MSFT]yongrheemsft I think that turning off cloud-delivered protection reduced the network traffic.
