Skip to Content

MC427157: Reminder – Enhanced antimalware Engine capabilities for Linux: Validate to ensure continued protection

This message is a continued reminder (previously MC399488 July ’22) about the enhanced anti-malware Engine for Linux and macOS that we have been rolling out. A few months back we announced the general availability and gradual roll-out of our enhanced anti-malware engine for Linux and macOS.

MC427157: Reminder - Enhanced antimalware Engine capabilities for Linux: Validate to ensure continued protection

The new engine has been deployed across thousands of systems already and has been running successfully! You can verify whether you are running the enhanced engine by checking the engine_version from the output of “mdatp health”. If the engine_version starts with”1.x” you are already on the new version.

As a reminder, to ensure Microsoft Defender Antivirus cloud-delivered protection works properly with the new engine, your security/IT team must configure your network/proxy/internet settings to allow connections between your endpoints and certain Microsoft URLs. To support the new Microsoft Defender for Endpoint on Linux and macOS anti-malware engine enhancements, you must allow-list within the proxy ecosystem in your environment the following URL endpoints:

  • *
  • *

Please note that access to these URLs is *required* to ensure uninterrupted cloud-delivered protection on your Linux and macOS systems behind a proxy. Organizations that do not allow-list access to the above-mentioned URLs will be unable to download threat definition updates required for effective anti-malware protection.

Further info is available at our documentation and also on our blog.

Note: No action is required, if the above steps have been taken already based on our announcements and previous communications.

Timeline and Version Requirements: We began rolling out the enhanced anti-malware engine in June and this activity is scheduled to complete by the last week of September.

Minimum version requirements to enable a smooth transition:

  1. The minimum Microsoft Defender for Endpoint version number must be 101.62.64 Feb 2022 build. However, we recommend upgrading to the latest and greatest version available at the point in time for most updated capabilities.
  2. Soon after migration begins, versions older than 101.62.64 will stop getting protection updates.


  • Additionally, to support definitions storage in non-standard locations (outside of /var) for definition updates please ensure that you are at least on version 101.71.18.
  • If you are running builds that are older than 101.62.64, please update defender to continue to stay protected.
  • If you notice any issues or need any assistance during the course of this roll-out, please do contact Microsoft through our regular support channels.

Learn more

Message ID: MC427157
Published: 06 September 2022
Updated: 06 September 2022
Platform: Linux, Mac, World tenant

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.