Category
stayInformed
Severity
normal
Major change
False
Last modified
2025-12-05 00:43:40
Summary source
Azure OpenAI (gpt-4.1)
Action by (Graph)
—
Action by (AI)
2025-12-31 00:00:00
Services
Microsoft Defender XDR
Tags
Feature update, User impact, Admin impact
Master tags
Security
Roadmap IDs
One-line summary
New Microsoft Secure Score recommendations for Defender for Endpoint will appear in Public Preview at end of Dec 2025 to help block attacks and improve endpoint protection.
Similar updates
More like thisMC1191616 Microsoft Secure Score: New recommendations for Microsoft Defender for Endpoint
Microsoft Secure Score: New recommendations for Microsoft Defender for Endpoint New Microsoft Secure Score recommendations for Defender for Endpoint will roll out in public preview starting late November 2025, helping block attacks and improve endpoint security. Introduction We’re introducing new Microsoft Secure Score recommendations for.
MC1179155 (Updated) Microsoft Defender for Identity: New recommendation added to Microsoft Secure Score
(Updated) Microsoft Defender for Identity: New recommendation added to Microsoft Secure Score Microsoft Secure Score adds new improvement actions based on Defender for Identity, recommending password changes for on-prem accounts with leaked credentials; rollout starts early Nov 2025. Introduction To help organizations better assess and improve.
MC1155429 (Updated) Microsoft Defender for Identity: New recommendations added to Microsoft Secure Score
(Updated) Microsoft Defender for Identity: New recommendations added to Microsoft Secure Score Microsoft Secure Score adds new improvement actions based on Defender for Identity posture recommendations for PingOne, with rollout starting November 2025 and GA in January 2026. Updated October 29, 2025: We have updated the timeline. [Introduction:].
MC1187386 Microsoft Defender for Identity alerts transitioning to XDR-based detection platform
Microsoft Defender for Identity alerts transitioning to XDR-based detection platform Defender for Identity classic alerts will shift to the XDR detection platform starting mid-December 2025; update workflows and alert exclusions to use new XDR Detector IDs. [Introduction] Microsoft Defender for Identity classic alerts will transition to the XDR.
MC1042925 (Updated) Microsoft Defender for Office 365: Enhancing page load performance
(Updated) Microsoft Defender for Office 365: Enhancing page load performance Defender for Office 365 will improve portal page load times, starting with Submission page in March 2025; no downtime or required admin action during phased rollout. At Microsoft Defender for Office 365, we are committed to providing seamless and efficient SOC workflows..
MC1042926 (Updated) Microsoft Defender for Office 365: Platform migration for enhanced data storage and performance
(Updated) Microsoft Defender for Office 365: Platform migration for enhanced data storage and performance Defender for Office 365 is migrating its data platform to improve performance, data consistency, and reliability; Phase 2 rollout completes by end of December 2025. Updated July 24, 2025: We have updated the timeline. Thank you for your.
Details
Summary
New Microsoft Secure Score recommendations for Microsoft Defender for Endpoint will roll out in public preview by the end of December 2025, helping admins improve security by blocking common attacks. Admins should review and implement these recommendations, such as disabling NTLM authentication, to enhance endpoint protection.
Body (from Message Center)
We’re introducing new Microsoft Secure Score recommendations for Microsoft Defender for Endpoint (MDE) to help organizations strengthen their security posture. These recommendations are designed to proactively block common attack techniques and improve endpoint protection.
When this will happenPublic Preview: Rollout will begin at the end of December 2025 and is expected to complete by the end of December 2025.
How this affects your organizationWho is affected: Admins managing Microsoft Defender for Endpoint and Microsoft Secure Score.
What will happen
- Customers in Public Preview will see new recommendations in Microsoft Secure Score.
- One example recommendation is: Disable NTLM authentication for Windows workstations.
- Secure Score will update based on the implementation of these recommendations.
- Review the new recommendations in Microsoft Secure Score once available.
- Complete the recommended actions to improve your organization’s security posture.
- Communicate these changes to your security and endpoint management teams.
Compliance considerations
No compliance considerations identified. Review as appropriate for your organization.
Raw JSON (for debugging)
Expand/collapse the full payload below.
Show/hide raw
{
"snapshot_item": {
"action_required_by": null,
"ai_action_required_by": "2025-12-31T00:00:00Z",
"ai_actions": [
"Review new Secure Score recommendations",
"Complete recommended security actions",
"Communicate changes to security teams"
],
"ai_master_tags": [
"Security"
],
"ai_model": "gpt-4.1",
"ai_summary": "New Microsoft Secure Score recommendations for Defender for Endpoint will appear in Public Preview at end of Dec 2025 to help block attacks and improve endpoint protection.",
"ai_topics": [
"Defender"
],
"category": "stayInformed",
"details_map": {
"Summary": "New Microsoft Secure Score recommendations for Microsoft Defender for Endpoint will roll out in public preview by the end of December 2025, helping admins improve security by blocking common attacks. Admins should review and implement these recommendations, such as disabling NTLM authentication, to enhance endpoint protection."
},
"id": "MC1192254",
"importance": 4,
"is_major_change": false,
"last_modified": "2025-12-05T00:43:40Z",
"ms_products": [
"Defender"
],
"platforms": null,
"roadmap_ids": [],
"services": [
"Microsoft Defender XDR"
],
"severity": "normal",
"tags": [
"Feature update",
"User impact",
"Admin impact"
],
"title": "Microsoft Defender for Endpoint: New Microsoft Secure Score recommendations"
}
}