Microsoft Defender ATP now in preview on Windows 10 Enterprise multi-session
We are happy to announce on Microsoft Defender Advanced Threat Protection (MDATP) support on Windows Virtual Desktop enabling both single and multi-session scenarios. The support for Multi-user session scenarios is currently in Preview and limited up to 25 concurrent sessions per host/VM while the single session scenarios are fully supported. The support applies to the following operating systems: Windows 10 Enterprise multi-session, version 1809 or later Windows 10 Enterprise, version 1809 or later Windows 7 Enterprise Windows Server 2019 Windows Server 2016 Windows Server 2012 R2 Onboarding WVD devices to MDATP is done via the existing device onboarding process, follow the relevant onboarding instructions per the platform you are using: Follow these instructions for Windows 10 based VMs Follow these instructions for Windows Server-based VMs Follow these instructions for previous Windows client versions Regards, Pieter
Tamper Protection managed by administrator and OFF - cannot be enabled manually when joined on-prem
Hi all, We are currently only managing Microsoft Defender ATP via Group Policy and there is no GPO for tamper protection. But we cannot enable it manually either-. "This setting is managed by your administrator" and set tamper protection to OFF. When deploying a new Windows 10 I can enable it manually. When joining the computer to on-prem AD and GPO for Windows Defender ATP hits, temper protection is turned off and you cannot change it. Is this by design or is there a GPO setting interfering? Thanks!
MDATP File Hash Indicators
Hi, I am not allowed to upload MD5 file hashes into the Indicators Tab for Microsoft Defender Security Center. It also shows a message that MD5 file hash method is not recommended. I have around 500 MD5 hashes for IOCs which I need to upload. Is there a way around through which I can cover these MD5 file hashes to SHA-1 or SHA-256 and then upload in Defender Security Center.
