MC1251207 - Microsoft Secure Score: New recommendations for Microsoft Defender for Endpoint

Introduction

We’re adding new Microsoft Secure Score recommendations for Microsoft Defender for Endpoint (MDE) to help your organization strengthen endpoint security and proactively reduce exposure to common attack techniques. These recommendations support more robust security baselines and help you assess and improve protection across your devices.

When this will happen

• Public Preview: Rollout began at the end of February 2026 and is expected to complete by mid‑March 2026.

How this will affect your organization

Who is affected

• Admins who manage Microsoft Defender for Endpoint and Microsoft Secure Score.

What will happen

Customers in Public Preview will see the following new Microsoft Secure Score recommendations:

• SMB server security hardening against authentication relay attacks:

   

• Block file transfer over Remote Desktop Protocol (RDP):

   

As these recommendations become available:

• Secure Score will update based on your organization’s implementation of the recommended actions.
• No changes will be made to your existing configurations unless you choose to enable the recommended settings.
• These recommendations are off by default and require admin action to adopt.

What you can do to prepare

• Review the new recommendations in Microsoft Secure Score as they become available.
• Complete the recommended actions to strengthen your endpoint security posture.
• Communicate these changes to your security and endpoint management teams.
• Update internal documentation if you track Secure Score or MDE configuration standards.
• Learn more: Microsoft Secure Score | Microsoft Defender XDR | Microsoft Defender | Microsoft Learn

Compliance considerations

No compliance considerations identified. Review as appropriate for your organization.