Detect Microsoft Defender broken after MS patching

Our SCCM Team started testing with May 2022 security patches which seems to break posture check for ‘Detect Microsoft Defender’, anyone else seeing this ? Issues reported so far is with ZCC 3.7.1.54 and ZCC 3.8.0.93.

G

Hello,
Are you using Microsoft Defender Advanced Threat Protection (ATP) or Microsoft Defender AV? Was it working before with pervious Client Connector versions?

Hi Jamil,
Apologies, Microsoft Defender Advanced Threat Protection (ATP) .
Yes it was working fine for months but as MS Tuesday patch cycle started early testing which then hits our custom Block message.

G

Seems I’ve cried wolf too soon, second restart seems to resolve it. We’ll update our Policy Block message asking the user to restart twice

1 Like

Update:

Info from dev-team, KB5013942 is changing the thumbprint which is causing the Windows Defender posture check to begin failing. We have updated all clouds with the new thumbprint, issue should be resolved.

1 Like