check before: 2025-08-28
Product:
Defender, Defender for Endpoint, Defender XDR, Windows, Windows Server
Platform:
Online, US Instances, World tenant
Status:
Change type:
New feature, Admin impact
Links:
Details:
Summary:
Microsoft Defender Core service will be introduced for Windows Server 2012 R2 and 2016 to improve Defender Antivirus stability and performance. Public preview starts August 28, 2025; general availability by early October 2025. It installs by default with platform update 4.18.25060.7-0 and requires specific URL allowances and process whitelisting.
Details:
Introduction
We're introducing the Microsoft Defender Core service for Windows Server 2012 R2 and Windows Server 2016. This new service enhances the stability and performance of Microsoft Defender Antivirus, helping organizations strengthen endpoint protection on legacy server platforms.
When this will happen
Public Preview: Begins August 28, 2025, via the Beta channel (Prerelease).
General Availability: Rollout begins in mid-September 2025 across all rings and completes by early October 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-08-27
updated:
2025-09-29
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Service Instability
Without proper preparation, the introduction of the Microsoft Defender Core service may lead to service instability, causing potential downtime or degraded performance of the antivirus service.
- roles: IT Administrator, System Administrator
- references: https://learn.microsoft.com/defender-endpoint/microsoft-defender-core-service-overview#prerequisites
User Experience Degradation
If the required URLs are not allowed, users may experience delays or failures in antivirus updates and scans, leading to a compromised security posture.
- roles: End User, IT Support
- references: https://learn.microsoft.com/defender-endpoint/microsoft-defender-core-service-overview#prerequisites
Compatibility Issues
Failure to whitelist necessary processes may result in conflicts with existing security solutions, leading to potential security gaps and user disruptions.
- roles: Security Analyst, IT Administrator
- references: https://learn.microsoft.com/defender-endpoint/microsoft-defender-core-service-overview#prerequisites
Configutation Options**
XXXXXXX ... paid membership only
Opportunities**
Enhanced Endpoint Protection for Legacy Systems
With the introduction of the Microsoft Defender Core service, organizations can significantly improve the stability and performance of endpoint protection on legacy Windows Server 2012 R2 and 2016. This is crucial for organizations still relying on these platforms, as it reduces the risk of security breaches due to outdated antivirus solutions.
- next-steps: Evaluate current security posture on legacy servers and plan for the update to the required Defender platform version. Prepare a communication plan for IT staff to ensure they are aware of the new service and its benefits.
- roles: IT Security Managers, System Administrators, Compliance Officers
- references: https://learn.microsoft.com/defender-endpoint/microsoft-defender-core-service-overview#prerequisites
Operational Efficiency in IT Management
The new Microsoft Defender Core service will streamline IT operations by providing a more reliable antivirus solution, reducing the need for frequent troubleshooting and maintenance associated with older antivirus solutions. This allows IT staff to focus on more strategic initiatives rather than reactive maintenance.
- next-steps: Assess current antivirus management processes and identify areas where time can be saved. Train IT staff on the new features and capabilities of the Microsoft Defender Core service to maximize operational efficiency.
- roles: IT Managers, Operations Managers, Help Desk Staff
- references: https://learn.microsoft.com/defender-endpoint/microsoft-defender-core-service-overview#prerequisites
Improved Compliance and Risk Management
By enhancing endpoint protection with the Microsoft Defender Core service, organizations can better meet compliance requirements and reduce risks associated with data breaches. This is particularly important for organizations in regulated industries where data protection is critical.
- next-steps: Conduct a compliance assessment to identify how the new service can help meet specific regulatory requirements. Update compliance documentation to reflect the enhanced capabilities of the Microsoft Defender Core service.
- roles: Compliance Officers, Risk Managers, IT Security Managers
- references: https://learn.microsoft.com/defender-endpoint/microsoft-defender-core-service-overview#prerequisites
Potentional Risks**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
change history
| Date | Property | old | new |
| 2025-09-29 | MC End Time | 10/29/2025 08:00:00 | 2025-11-10T08:00:00Z |
| 2025-09-29 | MC Last Updated | 08/27/2025 00:03:09 | 2025-09-29T22:46:14Z |
Last updated 2 days ago ago
