MDATP for Mac is moving to use system extensions instead of kernel extensions

In preparation for macOS 11 Big Sur, Microsoft is getting ready to release an update to Microsoft Defender ATP for Mac that will leverage new system extensions instead of kernel extensions. Apple will stop supporting kernel extensions starting macOS 11 Big Sur version. Therefore an update to the Microsoft Defender ATP for Mac agent is required on all eligible macOS devices prior to moving these devices to macOS 11.

The update is applicable to devices running macOS version 10.15.4 or later.

Key Points:

Timing:
- Organizations that previously opted into Microsoft Defender ATP preview features in Microsoft Defender Security Center, must be ready for Microsoft Defender ATP for Mac agent update by August 10, 2020.
- Organizations that do not participate in public previews for Microsoft Defender ATP features, must be ready by September 07, 2020.
Action: review and assess

How this will affect your organization

To ensure Microsoft Defender ATP for Mac update is delivered and applied seamlessly from an end user experience perspective, a new remote configuration must be deployed to all eligible macOS devices before Microsoft publishes the new agent version.

If such configuration is not deployed prior to the Microsoft Defender ATP for Mac agent update, end users will be presented with a series of system dialogs asking to grant the agent all necessary permissions associated with the new system extensions.

What you need to do to prepare

Review the steps below and assess the impact on your organization:

Deploy the specified remote configuration to eligible macOS devices before Microsoft publishes the new agent version.
Refer to this documentation for detailed configuration information and instructions: New configuration profiles for macOS Catalina and newer versions of macOS
Monitor “what’s new for Mac” page for an announcement of the actual release of MDATP for Mac agent update: What’s new in Microsoft Defender Advanced Threat Protection for Mac

M	T	W	T	F	S	S
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31

Cookie	Duration	Description
__gads	1 year 24 days	The __gads cookie, set by Google, is stored under DoubleClick domain and tracks the number of times users see an advert, measures the success of the campaign and calculates its revenue. This cookie can only be read from the domain they are set on and will not track any data while browsing through other sites.
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.
CONSENT	2 years	YouTube sets this cookie via embedded youtube-videos and registers anonymous statistical data.

Cookie	Duration	Description
ANONCHK	10 minutes	The ANONCHK cookie, set by Bing, is used to store a user's session ID and also verify the clicks from ads on the Bing search engine. The cookie helps in reporting and personalization as well.
IDE	1 year 24 days	Google DoubleClick IDE cookies are used to store information about how the user uses the website to present them with relevant ads and according to the user profile.
MUID	1 year 24 days	Bing sets this cookie to recognize unique web browsers visiting Microsoft sites. This cookie is used for advertising, site analytics, and other operations.
test_cookie	15 minutes	The test_cookie is set by doubleclick.net and is used to determine if the user's browser supports cookies.

Cookie	Duration	Description
_clck	1 year	No description
_clsk	1 day	No description
ApplicationGatewayAffinityCORS	session	No description available.
CLID	1 year	No description
GoogleAdServingTest	session	No description
LiSESSIONID	session	No description available.
LithiumUserInfo	past	No description
LithiumUserSecure	past	No description
LithiumVisitor	1 year	No description available.
original_req_url	past	No description
SM	session	No description available.
SRM_B	1 year 24 days	No description available.

MDATP for Mac is moving to use system extensions instead of kernel extensions

MDATP for Mac is moving to use system extensions instead of kernel extensions

No Comments

Add your comment Cancel reply

Thibault CHÂTIRON

Follow Blog via Email

Recent Posts

Categories

Archives