Min menu


Microsoft Defender automatically handles malware


Microsoft has made it clear that it is working to increase security for Microsoft Defender users by changing settings and converting the default setting from optional malware fix to fully automatic fix.

This change in the virtual automation level from Semi to Full comes after it was discovered that organizations using full automation by default were more successful in addressing and containing threats.

The anti-virus software automatically begins to analyze all alert threats when it detects malicious software within the network's computers.

It also looks at files, processes, services, registry keys, and all other areas where the threat may be present.

Microsoft explains in a blog post: "The automated investigation initiated by the alert provides a list of relevant entities found on a device and its provisions (harmful, suspicious or clean).

For any malicious entity, the investigation establishes a correction procedure, which, when approved, removes the malicious entity found in the investigation.

These actions are identified, managed, and implemented by Microsoft Defender without the security operations team having to contact the device remotely.

Actions are based on the level of device settings, as Microsoft Defender was previously set on the Semi setting for customers who have opted for public previews.

This required approval of any repair and these customers are soon being moved to full setup, which allows Windows 10 to automatically process threats.

 Microsoft has made some improvements to the automatic malware detection feature since its first launch.

The accuracy of malware detection has been enhanced, so there must be fewer false infections and positives, and in addition, the advantage now has the capabilities to achieve a better mechanism.

According to Microsoft, customers who use full automation have removed 40 percent of high-confidence malware samples compared to customers who use lower levels of automation.

Microsoft said: Full automation provides critical security resources to our customers so they can focus more on their strategic initiatives.

As of February 16, 2021, Microsoft automatically upgrades organizations that have opted for Microsoft defender public inspections to fully automate threat processing.