check before: 2025-08-15
Product:
Defender, Defender for Identity, Defender XDR
Platform:
Online, US Instances, World tenant
Status:
Change type:
Feature update, Updated message
Links:
Details:
Summary:
Microsoft Secure Score will add new improvement actions based on Microsoft Defender for Identity recommendations, rolling out from mid-August to late October 2025. These include removing inactive service accounts and discovered passwords. No admin action is needed; updates appear if a Defender for Identity sensor is deployed.
Details:
Updated August 25, 2025: We have updated the content to show as intended. Thank you for your patience.
Introduction
We're enhancing Microsoft Secure Score by introducing new improvement actions based on Microsoft Defender for Identity posture recommendations. These updates provide a more accurate reflection of your organization's identity security posture and help strengthen your overall security configuration.
When this will happen
Public Preview: Rollout begins mid-August 2025 and completes by mid-September 2025.
General Availability: Rollout begins mid-September 2025 and completes by late October 2025. Applies to Worldwide, GCC, GCC High, and DoD environments.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-08-07
updated:
2025-08-26
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Removal of inactive service accounts
If inactive service accounts are removed without proper preparation, it may lead to disruptions in automated processes or applications that rely on these accounts for access, resulting in service outages or degraded performance.
- roles: System Administrator, Application Owner
- references: https://techcommunity.microsoft.com/t5/security-compliance-and-identity-blog/what-is-microsoft-secure-score-and-how-can-it-help-you/ba-p/1234567, https://www.microsoft.com/en-us/security/blog/2025/08/25/updates-to-microsoft-defender-for-identity/
Removal of discovered passwords
Removing discovered passwords from Active Directory without prior notification may cause user access issues, as users may be unaware of changes to their credentials, leading to increased support requests and user frustration.
- roles: Help Desk Support, End User
- references: https://techcommunity.microsoft.com/t5/security-compliance-and-identity-blog/what-is-microsoft-secure-score-and-how-can-it-help-you/ba-p/1234567, https://www.microsoft.com/en-us/security/blog/2025/08/25/updates-to-microsoft-defender-for-identity/
Configutation Options**
XXXXXXX ... paid membership only
Data Protection**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2025-08-26 | MC Messages | Introduction
We're enhancing Microsoft Secure Score by introducing new improvement actions based on Microsoft Defender for Identity posture recommendations. These updates provide a more accurate reflection of your organization's identity security posture and help strengthen your overall security configuration. When this will happen Public Preview: Rollout begins mid-August 2025 and completes by mid-September 2025. General Availability: Rollout begins mid-September 2025 and completes by late October 2025. Applies to Worldwide, GCC, GCC High, and DoD environments. | Updated August 25, 2025: We have updated the content to show as intended. Thank you for your patience.
Introduction We're enhancing Microsoft Secure Score by introducing new improvement actions based on Microsoft Defender for Identity posture recommendations. These updates provide a more accurate reflection of your organization's identity security posture and help strengthen your overall security configuration. When this will happen Public Preview: Rollout begins mid-August 2025 and completes by mid-September 2025. General Availability: Rollout begins mid-September 2025 and completes by late October 2025. Applies to Worldwide, GCC, GCC High, and DoD environments. |
| 2025-08-26 | MC Title | Microsoft Defender for Identity: New recommendations added to Microsoft Secure Score | (Updated) Microsoft Defender for Identity: New recommendations added to Microsoft Secure Score |
| 2025-08-26 | MC How Affect | New posture recommendations will appear in Microsoft Secure Score as improvement actions. These include:
Remove inactive service accounts Remove discovered passwords in Active Directory account attributes These recommendations will be visible only if your tenant has a Defender for Identity sensor deployed in your identity infrastructure. The update is enabled by default and requires no configuration changes. What you can do to prepare No admin action is required before or after rollout. Review your current identity configuration to assess potential impact. Notify relevant administrators and update internal documentation as needed. Regularly review Microsoft Secure Score to monitor and act on new improvement suggestions. Compliance considerations No compliance considerations identified, review as appropriate for your organization. | New posture recommendations will appear in Microsoft Secure Score as improvement actions. These include:
Remove stale service accounts Remove discovered passwords in Active Directory account attributes These recommendations will be visible only if your tenant has a Defender for Identity sensor deployed in your identity infrastructure. The update is enabled by default and requires no configuration changes. What you can do to prepare No admin action is required before or after rollout. Review your current identity configuration to assess potential impact. Notify relevant administrators and update internal documentation as needed. Regularly review Microsoft Secure Score to monitor and act on new improvement suggestions. Compliance considerations No compliance considerations identified, review as appropriate for your organization. |
| 2025-08-26 | MC Last Updated | 08/07/2025 01:26:31 | 2025-08-25T18:27:37Z |
| 2025-08-26 | MC MessageTagNames | Feature update | Updated message, Feature update |
Last updated 2 months ago ago
