Merge pull request #5475 from limwainstein/mdvm-new-recommendations

limwainstein · web-flow · commit 5ef39f4a4621 · 2025-11-10T12:23:17.000+02:00
New MDVM recommendations
diff --git a/defender-vulnerability-management/whats-new-in-microsoft-defender-vulnerability-management.md b/defender-vulnerability-management/whats-new-in-microsoft-defender-vulnerability-management.md
@@ -11,7 +11,7 @@ audience: ITPro
 ms.collection:
   - m365-security
 ms.topic: whats-new
-ms.date: 11/19/2024
+ms.date: 11/4/2025
 ---
 
 # What's new in Microsoft Defender Vulnerability Management
@@ -21,6 +21,17 @@ This article provides information about new features and important product updat
 > [!TIP]
 > Did you know you can try all the features in Microsoft Defender Vulnerability Management for free? Find out how to [sign up for a free trial](defender-vulnerability-management-trial.md).
 
+## November 2025
+
+- (Preview) **Microsoft Secure Score now includes new recommendations** to help organizations proactively prevent common endpoint attack techniques.
+    - **Require LDAP client signing** and **Require LDAP server signing** - help ensure integrity of directory requests so attackers can't tamper with or manipulate group memberships or permissions in transit.
+    - **Encrypt LDAP client traffic** - prevents exposure of credentials and sensitive user information by enforcing encrypted communication instead of clear-text LDAP.
+    - **Enforce LDAP channel binding** - prevents man-in-the-middle relay attacks by ensuring the authentication is cryptographically tied to the TLS session. If the TLS channel changes, the bind fails, stopping credential replay.
+- (GA) These Microsoft Secure Score recommendations are now generally available: 
+    - **Block web shell creation on servers**
+    - **Block use of copied or impersonated system tools**
+    - **Block rebooting a machine in Safe Mode**
+
 ## October 2025
 
 - (Preview) You can now use **CVE exceptions** to exclude specific Common Vulnerabilities and Exposures (CVEs) from analysis in your environment. CVE exceptions allow you to control what type of data is relevant to your organization and to selectively exclude certain data from your remediation efforts. For more information, see [Exceptions in Microsoft Defender Vulnerability Management](tvm-exception-overview.md) and [Create, view, and manage exceptions](tvm-exception.md).
