Published Nov 26, 2024
Microsoft is updating the Secure Score action for Defender for Endpoint to better reflect security posture, retiring the SCID-2020 recommendation. Rollout starts January 2025, with no admin action needed. The related recommendation will be removed from the UI, and scores will be adjusted accordingly.
Updated December 31, 2024: We have updated the rollout timeline below. Thank you for your patience.
We’re updating the Microsoft Secure Score improvement action of Microsoft Defender for Endpoint (MDE) to ensure a more accurate representation of security posture.
As part of this change, we will gradually retire the MDE recommendation on SCID-2020, Turn on all system-level Exploit protection settings.
We are working to refine the recommendation, ensuring it aligns more accurately with recommended policies and enhances the overall security value.
When this will happen:
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out early January 2025 (previously early December) and expect to complete by early February 2025 (previously early January).
How this will affect your organization:
The Turn on all system-level Exploit protection settings recommendation will be completely removed from the UI, and the score will be changed in accordance.
This update is available by default.
What you need to do to prepare:
This rollout will happen automatically with no admin action required. You may want to notify your users about this change and update any relevant documentation as appropriate.