Microsoft's macOS Tamper Protection hits general availability

2022-08-16 14:03

Microsoft Defender for Endpoint's Tamper Protection in macOS has entered general availability.

It represents one more layer of protection and prevents the unauthorized removal of Microsoft Defender for Endpoint on macOS. It also prevents tampering with files, process and configuration settings for Defender for Endpoint, and applies at device level.

Alerts are not raised in the Security Center while in audit mode.

The thinking is that administrators can use audit mode to get a sense for how the new feature works before switching to block mode where tampering attempts are blocked and alerts are raised.

Supported macOS versions are Monterey, Big Sur, and Catalina, and version 101.70.19 or above of Microsoft Defender for Endpoint is needed.

Some users might grumble at yet more locking down of their devices when block mode is enabled, but an initial look at audit mode will help administrators spot problems before the security hammer comes down.

News URL

https://go.theregister.com/feed/www.theregister.com/2022/08/16/macos_tamper_protection/

#macos #microsoft

News URL

Related news