Managed AV - Defender Settings Out Of Sync
in progress
Seth Russell
We have had several endpoints where Windows Defender shows as healthy and managed, but the settings on the endpoint are out of sync with the managed settings for some reason. This is resolved by setting the endpoint to audit mode, and then flipping it back to enforced mode, but I feel like we really need a way to be able to get these reported to us, and either have an automated remediation of doing this, or at least notify us so that we can perform this action as needed vs finding these machines by random chance.
J
Jasmine Anders
The Huntress team has updated this comparison logic in Agent version 0.14.146, so Defender signature “age” is refreshed consistently in both Audit and Enforce modes. That phased rollout has started; once our Agents are on v0.14.146 we shouldn’t see this mismatch again.
Matthiew Morin (Huntress)
marked this post as
in progress
J
Jasmine Anders
The Huntress team has updated this comparison logic in Agent version 0.14.146, so Defender signature “age” is refreshed consistently in both Audit and Enforce modes. That phased rollout has started; once our Agents are on v0.14.146 we shouldn’t see this mismatch again.
S
Steven Richardson
Have just come across the same issue in our platform. Typically no information is better than bad information, or Huntress could at least show when data was last populated.
This inaccurate information has caused some awkward conversations with our customers.