In addition to standard on-premises or hardware configurations, you can also use Microsoft Defender Antivirus in a remote desktop (RDS) or virtual desktop infrastructure (VDI) environment. For more information on Microsoft Remote Desktop Services and VDI support, see Azure Virtual Desktop Documentation. For Azure-based virtual machines, see Install Endpoint Protection in Microsoft Defender for Cloud. With the […]
Category: Microsoft Endpoint
Deploy and enable Microsoft Defender Antivirus
Depending on the management tool you are using, you may need to specifically enable or configure Microsoft Defender Antivirus protection. See the table in Deploy, manage, and report on Microsoft Defender Antivirus for instructions on how to enable protection with Microsoft Intune, Microsoft Endpoint Configuration Manager, Group Policy, Active Directory, Microsoft Azure, PowerShell cmdlets, and Windows Management […]
Deploy, manage, and report on Microsoft Defender Antivirus
You can deploy, manage, and report on Microsoft Defender Antivirus in a number of ways. Because the Microsoft Defender Antivirus client is installed as a core part of Windows 10 and Windows 11, traditional deployment of a client to your endpoints does not apply. However, in most cases you will still need to enable the […]
Prevent or allow users to locally modify Microsoft Defender Antivirus policy settings
By default, Microsoft Defender Antivirus settings that are deployed via a Group Policy Object to the endpoints in your network will prevent users from locally changing the settings. You can change this in some instances. For example, it may be necessary to allow certain user groups (such as security researchers and threat investigators) further control […]
Configure Microsoft Defender Antivirus notifications that appear on endpoints
In Windows 10 and Windows 11, application notifications about malware detection and remediation are more robust, consistent, and concise. Microsoft Defender Antivirus notifications appear on endpoints when scans are completed and threats are detected. Notifications follow both scheduled and manually triggered scans. These notifications also appear in the Notification Center, and a summary of scans and […]
Configure and manage Microsoft Defender Antivirus with the mpcmdrun.exe command-line tool
You can perform various functions in Microsoft Defender Antivirus using the dedicated command-line tool mpcmdrun.exe. This utility is useful when you want to automate Microsoft Defender Antivirus tasks. You can find the utility in %ProgramFiles%\Windows Defender\MpCmdRun.exe. Run it from a command prompt. Tip You might need to open an administrator-level version of the command prompt. When you […]
Use Windows Management Instrumentation (WMI) to configure and manage Microsoft Defender Antivirus
Windows Management Instrumentation (WMI) is a scripting interface that allows you to retrieve, modify, and update settings. Read more about WMI at the Microsoft Developer Network System Administration library. Microsoft Defender Antivirus has a number of specific WMI classes that can be used to perform most of the same functions as Group Policy and other management […]
Use PowerShell cmdlets to configure and manage Microsoft Defender Antivirus
You can use PowerShell to perform various functions in Windows Defender. Similar to the command prompt or command line, PowerShell is a task-based command-line shell and scripting language designed especially for system administration. You can read more about it at the PowerShell hub on MSDN. For a list of the cmdlets and their functions and available […]
Use Group Policy settings to configure and manage Microsoft Defender Antivirus
You can use Group Policy to configure and manage Microsoft Defender Antivirus on your endpoints. Configure Microsoft Defender Antivirus using Group Policy In general, you can use the following procedure to configure or change Microsoft Defender Antivirus group policy settings: On your Group Policy management machine, open the Group Policy Management Console, right-click the Group Policy Object (GPO) […]
Use Microsoft Endpoint Manager to configure and manage Microsoft Defender Antivirus
You can use Microsoft Endpoint Manager to configure Microsoft Defender Antivirus scans. Microsoft Intune and Configuration Manager are now part of Endpoint Manager. Configure Microsoft Defender Antivirus scans in Endpoint Manager Go to the Microsoft Endpoint Manager admin center (https://endpoint.microsoft.com), and sign in. Navigate to Endpoint Security. Under Manage, choose Antivirus. Select your Microsoft Defender Antivirus policy. Under Manage, choose Properties. Next to Configuration settings, choose Edit. Important […]