Did you know: MDATP for Mac is moving to use system extensions instead of kernel extensions

Did you know: MDATP for Mac is moving to use system extensions instead of kernel extensions

Note: this message applies only to organizations with macOS devices in their environments.

In preparation for macOS 11 Big Sur, Microsoft are getting ready to release an update to Microsoft Defender ATP for Mac that will leverage new system extensions instead of kernel extensions. Apple will stop supporting kernel extensions starting macOS 11 Big Sur version. Therefore an update to the Microsoft Defender ATP for Mac agent is required on all eligible macOS devices prior to moving these devices to macOS 11.

The update is applicable to devices running macOS version10.15.4 or later.

To ensure that the Microsoft Defender ATP for Mac update is delivered and applied seamlessly from an end-user experience perspective, a new remote configuration must be deployed to all eligible macOS devices before Microsoft publishes the new agent version. If the configuration is not deployed prior to the Microsoft Defender ATP for Mac agent update, end-users will be presented with a series of system dialogs asking to grant the agent all necessary permissions associated with the new system extensions.

Key Points:
o Organizations that previously opted into Microsoft Defender ATP preview features in Microsoft Defender Security Center, must be ready for Microsoft Defender ATP for Mac agent update by August 10, 2020.
o Organizations that do not participate in public previews for Microsoft Defender ATP features, must be ready by September 07, 2020.

How this will affect your organization
To ensure Microsoft Defender ATP for Mac update is delivered and applied seamlessly from an end user experience perspective, a new remote configuration must be deployed to all eligible macOS devices before Microsoft publishes the new agent version. If such configuration is not deployed prior to the Microsoft Defender ATP for Mac agent update, end users will be presented with a series of system dialogs asking to grant the agent all necessary permissions associated with the new system extensions.

Review the steps below and assess the impact on your organization:

  1. Deploy the specified remote configuration to eligible macOS devices before Microsoft publishes the new agent version.
    Even though Microsoft Defender ATP for Mac new implementation based on system extensions is only applicable to devices running macOS version 10.15.4 or later, deploying configuration proactively across the entire macOS fleet will ensure that even down-level devices are prepared for the day when Apple releases macOS 11 Big Sur and will ensure that Microsoft Defender ATP for Mac continues protecting all macOS devices regardless OS version they were running prior to the Big Sur upgrade.
  2. Refer to this documentation for detailed configuration information and instructions: New configuration profiles for macOS Catalina and newer versions of macOS
  3. Monitor “what’s new for Mac” page for an announcement of the actual release of MDATP for Mac agent update: What’s new in Microsoft Defender Advanced Threat Protection for Mac

If you’d like to schedule a free one hour consultation on Microsoft 365 roadmap planning with someone from our Microsoft 365 roadmap services team please contact us

Share:

Facebook
Twitter
LinkedIn

Contact Us

=
On Key

More Posts

WME Cybersecurity Briefings No. 005
Cyber Security

WME Security Briefing 15 April 2024

E-Commerce Security Alert: Unveiling Magecart’s Persistent Backdoor Overview Malicious activities by Magecart attackers have been reported. They are targeting Shopify’s content delivery network (CDN) by creating fake Shopify stores. The backdoor method has enabled them to

Read More »
WME Cybersecurity Briefings No. 004
Cyber Security

WME Security Briefing 11 April 2024

Mispadu Trojan Exploits Windows Vulnerability to Target Financial Data Overview The Mispadu banking trojan has intensified its operations as it’s exploiting an already patched Windows SmartScreen flaw. Since its initial identification in 2019, Mispadu has primarily preyed on

Read More »
WME Cybersecurity Briefings No. 003
Cyber Security

WME Security Briefing 29 March 2024

Russian hackers escalating their cyber warfare, deploying TinyTurla-NG to breach European NGOs. Cisco Talos reveals a targeted attack against organizations advocating democracy and supporting Ukraine. With their sophisticated methods, these cyber attackers are bypassing antivirus defenses

Read More »
Be assured of everything

Get WME Services

Stay ahead of the competition with our Professional IT offerings.

=