MC1191616 – M365 Change Digest

One-line summary

New Secure Score recommendations for Defender for Endpoint will roll out in public preview, helping block attacks and improve endpoint protection by end of Nov 2025.

Similar updates

Details

Summary

New Microsoft Secure Score recommendations for Microsoft Defender for Endpoint will roll out from late November to mid-December 2025, adding actions like disabling Remote Registry Service on Windows. Available to Microsoft 365 E5 or Defender for Endpoint Plan 2 customers, admins should review and implement these to enhance security.

Body (from Message Center)

Introduction

We’re introducing new Microsoft Secure Score recommendations for Microsoft Defender for Endpoint (MDE) to help organizations strengthen their security posture. These recommendations are designed to proactively block common attack techniques and improve endpoint protection.

When this will happen

Public Preview: Rollout will begin at the end of November 2025 and is expected to complete by mid-December 2025.

How this affects your organization

Who is affected: Admins managing Microsoft Defender for Endpoint and Microsoft Secure Score.

Licensing requirements: This functionality is available to Microsoft 365 E5 customers or those with Microsoft Defender for Endpoint Plan 2 (P2).

What will happen:

Customers in Public Preview will see new recommendations in Microsoft Secure Score:
- Disable Remote Registry Service on Windows
Secure Score will update based on the implementation of these recommendations.

What you can do to prepare

Review the new recommendations in Microsoft Secure Score once available.
Complete the recommended actions to improve your organization’s security posture.
Communicate these changes to your security and endpoint management teams.

Learn more:

Compliance considerations

No compliance considerations identified, review as appropriate for your organization.

Raw JSON (for debugging)

Expand/collapse the full payload below.

Show/hide raw

{
  "snapshot_item": {
    "action_required_by": null,
    "ai_action_required_by": null,
    "ai_actions": [
      "Review new Secure Score recommendations",
      "Complete recommended security actions",
      "Inform security and endpoint teams"
    ],
    "ai_master_tags": [
      "Security"
    ],
    "ai_model": "gpt-4.1",
    "ai_summary": "New Secure Score recommendations for Defender for Endpoint will roll out in public preview, helping block attacks and improve endpoint protection by end of Nov 2025.",
    "ai_topics": [
      "Defender",
      "Secure Score"
    ],
    "category": "stayInformed",
    "details_map": {
      "Summary": "New Microsoft Secure Score recommendations for Microsoft Defender for Endpoint will roll out from late November to mid-December 2025, adding actions like disabling Remote Registry Service on Windows. Available to Microsoft 365 E5 or Defender for Endpoint Plan 2 customers, admins should review and implement these to enhance security."
    },
    "id": "MC1191616",
    "importance": 1,
    "is_major_change": false,
    "last_modified": "2025-12-03T00:04:38Z",
    "ms_products": [
      "Defender"
    ],
    "platforms": null,
    "roadmap_ids": [],
    "services": [
      "Microsoft Defender XDR"
    ],
    "severity": "normal",
    "tags": [
      "New feature",
      "User impact",
      "Admin impact"
    ],
    "title": "Microsoft Secure Score: New recommendations for Microsoft Defender for Endpoint"
  }
}