MC1066159 - Microsoft Defender for Endpoint for Linux: Removing Netfilter dependency

Service

Microsoft Defender XDR

Published

May 1, 2025

Tag

Feature update
Admin impact

Summary

Microsoft Defender for Endpoint for Linux will bundle Netfilter and Libpcre dependencies within the MDE package starting early-May 2025, eliminating the need for external installations. This change will not affect MDE functionality. Post-update, users can safely remove the external MDE netfilter dependency using specified commands for their distribution.

More information

Microsoft Defender for Endpoint (MDE) for Linux will no longer require external dependencies for MDE Netfilter and Libpcre in the mdatp package. Instead, these dependencies will be bundled within the MDE package itself. This change aims to eliminate onboarding challenges caused by the need to install additional dependencies.

When this will happen:

General Availability (Worldwide): The rollout is scheduled for early-May 2025. The MDE version at the time will resemble 101.25032.xxxx (where the patch version "xxxx" may vary).

How this will affect your organization:

This update does not alter the functionality or behavior of MDE. All features will continue to work as they did previously.

Post-rollout, the following documentation will contain additional details:

What you need to do to prepare:

Upgrade Considerations:

In upgrade scenarios, since the external MDE netfilter dependency will no longer be required after updating to the new version, it can be safely removed. Use the following commands to uninstall it based on your distribution:

  • RHEL and variants (CentOS, Fedora, Oracle Linux, Amazon Linux 2, Rocky, and Alma)
    `sudo yum remove mde-netfilter`
  • SLES and variants
    `sudo zypper remove mde-netfilter`
  • Ubuntu and Debian
    `sudo apt remove mde-netfilter`
  • Mariner
    `sudo dnf remove mde-netfilter`
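
An added example, not part of the Microsoft notice: a POSIX shell gate that confirms the installed MDE version before removing mde-netfilter, then picks the distribution's command from the list above. Treating 101.25032 as the minimum version, the `/etc/os-release` ID strings, and reading the version with `mdatp health --field app_version` are assumptions.

```shell
#!/bin/sh
# Added example (not Microsoft's script): remove mde-netfilter only after
# the installed MDE build is one that bundles the dependency.

MIN_MAJOR=101     # from the version named in the notice (101.25032.xxxx);
MIN_MINOR=25032   # treating it as the minimum is an assumption

# 0 = version bundles netfilter, 1 = too old, 2 = unparseable.
version_bundles_netfilter() {
    ver=$(printf '%s' "$1" | tr -d '"[:space:]')
    case "$ver" in *.*) ;; *) return 2 ;; esac
    major=${ver%%.*}; rest=${ver#*.}; minor=${rest%%.*}
    for n in "$major" "$minor"; do
        case "$n" in ''|*[!0-9]*) return 2 ;; esac
    done
    [ "$major" -gt "$MIN_MAJOR" ] && return 0
    [ "$major" -eq "$MIN_MAJOR" ] && [ "$minor" -ge "$MIN_MINOR" ] && return 0
    return 1
}

# Map an /etc/os-release ID to the removal command listed in the notice.
# The ID strings are assumptions about how each distribution identifies itself.
removal_command() {
    case "$1" in
        rhel|centos|fedora|ol|amzn|rocky|almalinux) echo "yum remove mde-netfilter" ;;
        sles)          echo "zypper remove mde-netfilter" ;;
        ubuntu|debian) echo "apt remove mde-netfilter" ;;
        mariner)       echo "dnf remove mde-netfilter" ;;
        *)             return 1 ;;
    esac
}

main() {
    # Assumes the mdatp CLI is on PATH and reports app_version via `mdatp health`.
    installed=$(mdatp health --field app_version) || { echo "mdatp not available" >&2; return 1; }
    version_bundles_netfilter "$installed" || { echo "MDE $installed: keep mde-netfilter" >&2; return 1; }
    cmd=$(removal_command "$(. /etc/os-release && echo "$ID")") || { echo "unknown distribution" >&2; return 1; }
    if [ "$1" = "--apply" ]; then sudo $cmd; else echo "would run: sudo $cmd"; fi
}

# Nothing runs unless a mode is given: --dry-run prints the command, --apply executes it.
case "${1:-}" in --dry-run|--apply) main "$1" ;; esac
```

Run it with `--dry-run` across the fleet first; hosts still on an older MDE build report that mde-netfilter should be kept.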