You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: defender-endpoint/microsoft-defender-antivirus-compatibility.md
+6-5Lines changed: 6 additions & 5 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -37,7 +37,6 @@ Microsoft Defender Antivirus is available on endpoints running the following ver
37
37
- Windows 11
38
38
- Windows 10
39
39
- Windows Server 2025
40
-
41
40
- Windows Server 2022
42
41
- Windows Server 2019
43
42
- Windows Server, version 1803, or newer
@@ -108,7 +107,7 @@ The following table summarizes the state of Microsoft Defender Antivirus in seve
108
107
## Windows Server and passive mode
109
108
110
109
> [!TIP]
111
-
> If you are planning to keep Microsoft Defender Antivirus in passive mode for your Windows Servers, ForceDefenderPassiveMode setting needs to be set before the onboarding to Microsoft Defender for Endpoint.
110
+
> If you are planning to keep Microsoft Defender Antivirus in passive mode for your Windows Servers, the `ForceDefenderPassiveMode` setting needs to be set before onboarding the device to Microsoft Defender for Endpoint.
112
111
113
112
On Windows Server 2025, Windows Server 2022, Windows Server 2019, Windows Server, version 1803 or newer, Windows Server 2016, or Windows Server 2012 R2, Microsoft Defender Antivirus doesn't enter passive mode automatically when you install a non-Microsoft antivirus product. In those cases, set Microsoft Defender Antivirus to passive mode to prevent problems caused by having multiple antivirus products installed on a server. You can set Microsoft Defender Antivirus to passive mode using a registry key as follows:
114
113
@@ -125,7 +124,7 @@ For passive mode to work on endpoints running Windows Server 2016 and Windows Se
125
124
> [!IMPORTANT]
126
125
> Beginning with [platform version 4.18.2208.0 and later](msda-updates-previous-versions-technical-upgrade-support.md#september-2022-platform-41822097--engine-11197003), if a server is onboarded to Microsoft Defender for Endpoint, [tamper protection](/editor/MicrosoftDocs/microsoft-365-docs-pr/microsoft-365%2Fsecurity%2Fdefender-endpoint%2Fmicrosoft-defender-antivirus-compatibility.md/main/9a5f8a9f-f5b9-cd00-0d21-171936a25b2b/prevent-changes-to-security-settings-with-tamper-protection.md) allows a switch to active mode, but not to passive mode.
127
126
>
128
-
> Notice the modified logic for `ForceDefenderPassiveMode` when tamper protection is enabled: Once Microsoft Defender Antivirus is set to active mode, tamper protection prevents it from going back into passive mode even when `ForceDefenderPassiveMode` is set to `1`.
127
+
> Notice the modified logic for `ForceDefenderPassiveMode` when tamper protection is enabled: When Microsoft Defender Antivirus is set to active mode, tamper protection prevents it from going back into passive mode even when `ForceDefenderPassiveMode` is set to `1`.
129
128
130
129
On Windows Server 2016, Windows Server 2012 R2, Windows Server version 1803 or newer, Windows Server 2019, and Windows Server 2022, if you're using a non-Microsoft antivirus product on an endpoint that *isn't* onboarded to Microsoft Defender for Endpoint, disable/uninstall Microsoft Defender Antivirus manually to prevent problems caused by having multiple antivirus products installed on a server. However, Defender for Endpoint includes capabilities that further extend the antivirus protection that is installed on your endpoint. If you have Defender for Endpoint, you can benefit from running Microsoft Defender Antivirus alongside another antivirus solution.
131
130
@@ -139,7 +138,9 @@ For example, [Endpoint detection and response (EDR) in block mode](edr-in-block-
139
138
In order for Microsoft Defender Antivirus to run in passive mode, endpoints must meet the following requirements:
140
139
141
140
- Operating system: Windows 10 or newer; Windows Server 2022, Windows Server 2019, or Windows Server, version 1803, or newer <br/>(Windows Server 2012 R2 and Windows Server 2016 if onboarded using the [modern, unified solution](configure-server-endpoints.md)).
141
+
142
142
- Microsoft Defender Antivirus must be installed.
143
+
143
144
- Another non-Microsoft antivirus/antimalware product must be installed and used as the primary antivirus solution. ([Add Microsoft Defender for Endpoint to your exclusion list for your existing solution](/defender-endpoint/switch-to-mde-phase-2)).
144
145
145
146
- Endpoints must be onboarded to Defender for Endpoint.
@@ -241,7 +242,7 @@ You can use one of several methods to confirm the state of Microsoft Defender An
241
242
242
243
2. Select the **Details** tab.
243
244
244
-
3. Look for **MsMpEng.exe** in the list.
245
+
3. Look for `MsMpEng.exe` in the list.
245
246
246
247
### Use Windows PowerShell to confirm that Microsoft Defender Antivirus is running
247
248
@@ -307,7 +308,7 @@ If you're looking for Antivirus related information for other platforms, see:
307
308
308
309
-[Microsoft Defender Antivirus on Windows clients](microsoft-defender-antivirus-windows.md)
309
310
-[EDR in block mode](edr-in-block-mode.md)
310
-
311
311
-[Learn about Endpoint data loss prevention](/microsoft-365/compliance/endpoint-dlp-learn-about)
312
+
312
313
[!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
0 commit comments