Monthly antimalware platform updates for Windows Defender

Beginning with December 2017, Microsoft is releasing antimalware platform updates for Windows Defender each month. The platform updates will be published as follows: category: Definition Updates, product: Windows Defender. If you use a Configuration Manager automatic deployment rule (ADR) to approve and deploy definition updates for Windows Defender, that same ADR will now pick up…

4

Configuration Manager 2007 and Windows Enforcement of SHA1 Certs

System Center Configuration Manager 2007 supports SHA-1 but does not support SHA-2 certificates. If you use SHA-2 certificates with Configuration Manager 2007, Configuration Manager continues to operate as expected using SHA-1 fallback.    For more information, see Windows Enforcement of SHA1 certificates. For later versions of Configuration Manager see, System Center 2012 Configuration Manager and…


How Windows Defender harnesses the power of machine learning to help make Windows 10 Microsoft’s most secure client OS

Windows Defender harnesses the power of machine learning, contributing to making Windows 10 Microsoft’s most secure client operating system and providing increased protection against security threats facing consumers and commercial enterprises today. To reduce the number of both false negative and false positive detections, Microsoft’s automation pipeline uses a variety of tools and technologies to…


How to deploy Potentially Unwanted Application protection with Microsoft Configuration Manager

Potentially Unwanted Application (PUA) is a threat classification based on reputation and research-driven identification. Most commonly, these PUAs are unwanted applications that come bundled with some other application installer. With Microsoft System Center 2012 Endpoint Protection and Configuration Manager, you can protect your users from PUAs by simply deploying an antimalware policy in your Configuration…


Managing Windows 10 Device Guard with Configuration Manager

We are excited to share information on how to deploy Device Guard on Windows 10 devices managed by Configuration Manager, using existing capabilities in System Center 2012 R2 Configuration Manager SP1. Why Device Guard? Device Guard is a new feature…(read more)


Quick Tip: Windows Defender clients on Windows 10 fail to get software updates from Configuration Manager

~ Ranajoy Dutta | Senior Support Engineer Hi everyone, Ranajoy Dutta here. I’m a Senior Support Engineer on Microsoft’s Configuration Manager team and thought I’d share a quick tip about an issue you might run into with Windows Defender on Windows 10. The problem usually is first noticed by the fact that the Windows Defender…


Support Tip: Why can’t I deploy this Digital Certificate Security Advisory with WSUS or Configuration Manager?

~ Meghan Stewart | Support Escalation Engineer Here in product support we get a lot of questions regarding how to tell if computers are protected when Microsoft Security Advisories include updates to the Certificate Trust List (CTL), which is also known as the Disallowed Certificates update. Microsoft updates the CTL for Windows to remove trust…


Why Microsoft Security Bulletins MS15-049 and MS15-051 are listed as MS15-044 in WSUS and Configuration Manager

~ Meghan Stewart | Support Escalation Engineer If you’ve reviewed the Security Bulletin Summary for May 2015, you may have noticed that some security bulletins appear to be missing from your WSUS or Configuration Manager console. If you open the Microsoft Update Catalog and put in all of the KB numbers that were published under…