Microsoft Defender automatically manages malware |
Microsoft has made it clear that it will improve the security of Microsoft Defender users by changing settings and defaults from automatic malware fix to fully automatic fix.
Now that you have determined that organizations that use full automation by default are more successful in addressing and controlling threats, change the default management level from half to full.
When the antivirus software detects malware on the computer on the network, it will automatically start to scan for any threats related to the alert.
It also examines files, processes, services, registry keys, and other areas where threats may exist.
Microsoft stated in a blog post: Automatic alert surveys contain a list of relevant entities on the device and their settings (malicious, suspicious, or clean).
A corrective action is established for each harmful part through the investigation. Once the action is approved, the harmful portion of the investigation will be removed.
These processes are identified, managed, and executed by Microsoft Defender, and the Security Operations team does not need to contact the device remotely.
The actions taken depend on the device setup level, as Microsoft Defender was preset to a "semi" setting for customers who selected the "Overview".
This requires approval of all corrections. Soon these clients will be fully configured so that Windows 10 can handle threats automatically.
Since its first launch, Microsoft has made some improvements to automatic malware detection.
Improved detection accuracy of malware, so infections and false positives should be reduced. Additionally, this feature now has better automatic scanning capabilities.
According to Microsoft, customers who used full automation removed 40% of trusted malware samples compared to customers who used a lower level of automation.
Microsoft said, “Full automation provides our customers with important security resources so they can focus more on their strategic plans.
Starting February 16, 2021, Microsoft will automatically update organizations that define public preview in Microsoft Defender to fully automatically handle threats.