Merge pull request #5330 from limwainstein/security-score-update

New MDVM recommendations

Author: limwainstein

defender-vulnerability-management/whats-new-in-microsoft-defender-vulnerability-management.md

@@ -23,7 +23,11 @@ This article provides information about new features and important product updat
 
 ## October 2025
 
-- (Preview) You can now use CVE exceptions to exclude specific Common Vulnerabilities and Exposures (CVEs) from analysis in your environment. CVE exceptions allow you to control what type of data is relevant to your organization and to selectively exclude certain data from your remediation efforts. For more information, see [Exceptions in Microsoft Defender Vulnerability Management](tvm-exception-overview.md) and [Create, view, and manage exceptions](tvm-exception.md).
+- (Preview) You can now use **CVE exceptions** to exclude specific Common Vulnerabilities and Exposures (CVEs) from analysis in your environment. CVE exceptions allow you to control what type of data is relevant to your organization and to selectively exclude certain data from your remediation efforts. For more information, see [Exceptions in Microsoft Defender Vulnerability Management](tvm-exception-overview.md) and [Create, view, and manage exceptions](tvm-exception.md).
+- (Preview) **Microsoft Secure Score now includes new recommendations** to help organizations proactively prevent common endpoint attack techniques.
+    - **Block web shell creation on servers** – reduces the risk of web-based persistence and remote code execution attacks.
+    - **Block use of copied or impersonated system tools** – helps prevent attacker misuse of legitimate administrative utilities for lateral movement or privilege escalation.
+    - **Block rebooting a machine in Safe Mode** – helps defend against attackers who attempt to disable endpoint protection or persist through reboots.
 
 ## November 2024