Skip to content

Commit f97c5d8

Browse files
Ruchika-mittal01Ruchika-mittal01
authored
Merge pull request #2423 from rallumalla/main
Update MDATP linux-whatsnew.md 2411
2 parents 8e1ba25 + e14198d commit f97c5d8

File tree

1 file changed

+30
-1
lines changed

1 file changed

+30
-1
lines changed

defender-endpoint/linux-whatsnew.md

Lines changed: 30 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ ms.author: deniseb
66
author: denisebmsft
77
ms.reviewer: kumasumit, gopkr
88
ms.localizationpriority: medium
9-
ms.date: 01/09/2025
9+
ms.date: 01/13/2025
1010
manager: deniseb
1111
audience: ITPro
1212
ms.collection:
@@ -43,6 +43,35 @@ This article is updated frequently to let you know what's new in the latest rele
4343
4444
## Releases for Defender for Endpoint on Linux
4545

46+
### Jan-2025 Build: 101.24112.0001 | Release version: 30.124112.0001.0
47+
48+
| Build: | **101.24112.0001** |
49+
|--------------------|-----------------------|
50+
| Released: | **January 13, 2025** |
51+
| Published: | **January 13, 2025** |
52+
| Release version: | **30.124112.0001.0** |
53+
| Engine version: | **1.1.24090.13** |
54+
| Signature version: | **1.421.226.0** |
55+
56+
#### What's new
57+
58+
- Upgraded the Bond version to 13.0.1 to address security vulnerabilities in versions 12 or lower.
59+
60+
- Mdatp package no longer has a dependency on SELinux packages.
61+
62+
- User can now query the status of supplementary event provider eBPF using the threat hunting query in DeviceTvmInfoGathering. To learn more about this query check: [Use eBPF-based sensor for Microsoft Defender for Endpoint on Linux](/defender-endpoint/linux-support-ebpf). The result of this query can return the following two values as eBPF status:
63+
- Enabled: When eBPF is enabled as working as expected.
64+
- Disabled: When eBPF is disabled due to one of the following reasons:
65+
- When MDE is using auditD as a supplementary sensor
66+
- When eBPF is not present and we fallback to Netlink as supplementary event provider
67+
- There is no supplementary sensor present.
68+
69+
- Starting from 2411, the MDATP package release to Production on packages.microsoft.com will follow a gradual rollout mechanism which spans over a week. The other release rings, insiderFast and insiderSlow, are unaffected by this change.
70+
71+
- Stability and performance improvements.
72+
73+
- Critical bugs fixes around definition update flow.
74+
4675
### Jan-2025 Build: 101.24102.0000 | Release version: 30.124102.0000.0
4776

4877
| Build: | **101.24102.0000** |

0 commit comments

Comments
 (0)