check before: 2025-03-15
Product:
Defender, Defender for Identity, Defender XDR, Entra
Platform:
Online, US Instances, World tenant
Status:
Change type:
Feature update, Admin impact
Links:
Details:
Summary:
Microsoft is updating Microsoft Secure Score improvement actions for Defender for Identity, adding new recommendations such as installing sensors on ADCS, Entra Connect, and ADFS servers, and changing gMSA and sMSA account passwords. The rollout starts in March 2025, with no admin action required. Review configurations and notify admins.
Details:
We're updating Microsoft Secure Score improvement actions of Microsoft Defender for Identity to ensure a more accurate representation of security posture. This rollout includes new posture recommendations that will be added as Microsoft Secure Score improvement actions and recommendations:
Install Defender for Identity Sensor on ADCS servers.
Install Defender for Identity Sensor on Entra Connect.
Install Defender for Identity Sensor on ADFS servers.
Change password for gMSA account.
Change password for sMSA account.
[When this will happen:]
Public Preview: We will begin rolling out mid-March 2025 and expect to complete by mid-April 2025.
General Availability (Worldwide, GCC, GCC High, DoD): We will begin rolling out late March 2025 and expect to complete by late April 2025.
Change Category:
XXXXXXX ... free basic plan only
Scope:
XXXXXXX ... free basic plan only
Release Phase:
Created:
2025-03-05
updated:
2025-03-05
Task Type
XXXXXXX ... free basic plan only
Docu to Check
XXXXXXX ... free basic plan only
MS How does it affect me
XXXXXXX ... free basic plan only
MS Preperations
XXXXXXX ... free basic plan only
MS Urgency
XXXXXXX ... free basic plan only
MS workload name
XXXXXXX ... free basic plan only
summary for non-techies**
XXXXXXX ... free basic plan only
Direct effects for Operations**
Installation of Defender for Identity Sensors
Failure to prepare for the installation of new sensors on ADCS, Entra Connect, and ADFS servers may lead to service disruptions and security vulnerabilities, impacting the overall security posture of the organization.
- roles: IT Security Manager, System Administrator
- references: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-defender-for-identity-new-recommendations-for/ba-p/3851230
Password Changes for gMSA and sMSA Accounts
Not preparing for the password changes for gMSA and sMSA accounts could result in authentication failures, leading to potential downtime and user access issues.
- roles: IT Security Manager, System Administrator
- references: https://techcommunity.microsoft.com/t5/security-compliance-and-identity/microsoft-defender-for-identity-new-recommendations-for/ba-p/3851230
Configutation Options**
XXXXXXX ... paid membership only
IT Security**
XXXXXXX ... paid membership only
explanation for non-techies**
XXXXXXX ... free basic plan only
** AI generated content. This information must be reviewed before use.
a free basic plan is required to see more details. Sign up here
A cloudsocut.one plan is required to see all the changed details. If you are already a customer, choose login.
If you are new to cloudscout.one please choose a plan.
Last updated 2 weeks ago
