New MDVM recommendations

Author: limwainstein

defender-vulnerability-management/whats-new-in-microsoft-defender-vulnerability-management.md

@@ -11,7 +11,7 @@ audience: ITPro
 ms.collection:
   - m365-security
 ms.topic: whats-new
-ms.date: 11/19/2024
+ms.date: 11/4/2025
 ---
 
 # What's new in Microsoft Defender Vulnerability Management
@@ -21,6 +21,14 @@ This article provides information about new features and important product updat
 > [!TIP]
 > Did you know you can try all the features in Microsoft Defender Vulnerability Management for free? Find out how to [sign up for a free trial](defender-vulnerability-management-trial.md).
 
+## November 2025
+
+- (Preview) **Microsoft Secure Score now includes new recommendations** to help organizations proactively prevent common endpoint attack techniques.
+- (GA) These Microsoft Secure Score recommendations are now generally available: 
+    - **Block web shell creation on servers**.
+    - **Block use of copied or impersonated system tools**.
+    - **Block rebooting a machine in Safe Mode**.
+
 ## October 2025
 
 - (Preview) You can now use **CVE exceptions** to exclude specific Common Vulnerabilities and Exposures (CVEs) from analysis in your environment. CVE exceptions allow you to control what type of data is relevant to your organization and to selectively exclude certain data from your remediation efforts. For more information, see [Exceptions in Microsoft Defender Vulnerability Management](tvm-exception-overview.md) and [Create, view, and manage exceptions](tvm-exception.md).