What's new in Microsoft Defender Vulnerability Management
This article provides information about new features and important product updates for the latest release of Microsoft Defender Vulnerability Management.
Tip
Did you know you can try all the features in Microsoft Defender Vulnerability Management for free? Find out how to sign up for a free trial.
November 2024
- We are aware of issues affecting data collection in several versions of CIS, STIG, and Microsoft benchmarks. We are actively working on a fix and will provide an update when the issue is resolved. For more information, see Known issues with data collection.
- The deprecation process of the Windows authenticated scan will begin on November 2024 and concludes on November 30, 2025. For more information, see Windows authenticated scan deprecation FAQs.
July 2024
- (GA) Learning hub resources have moved from the Microsoft Defender portal to learn.microsoft.com. Access Microsoft Defender XDR Ninja training, learning paths, training modules and more. Browse the list of learning paths, and filter by product, role, level, and subject.
February 2024
Vulnerable components
Defender Vulnerability Management now provides the ability to identify, report on, and recommend remediation for common, proprietary, and open-source software components and dependencies known to have had security issues in the past. For more information, see Vulnerable components.
Request of CVE support
You can now request for support to be added to Defender Vulnerability Management for a particular Common Vulnerabilities and Exposures (CVE). For more information, see Request CVE support.
Vulnerability details updates
- Common Vulnerabilities and Exposures (CVE) AI generated description (Public Preview): A new AI generated vulnerability description is now in public preview. It appears on the vulnerability details page for a CVE and provide detailed information on the vulnerability, its impact, recommended remediation steps, and any additional information, if available.
- CVSS vector string: The CVSS vector string is a text representation of the CVSS score. It is commonly used to record or transfer CVSS metric information in a concise and machine-readable form. This string is now represented in the portal for every weakness, and can be pulled via the List vulnerabilities API and Advanced Hunting. For more information on the CVSS Vector, see Common Vulnerability Scoring System
Other updates
Microsoft Defender Vulnerability Management Ninja training is now available: For more information, see Become a Microsoft Defender Vulnerability Management Ninja
August 2023
Microsoft Defender Vulnerability Management permissions are now integrated with Microsoft Defender XDR Unified role-based access control (RBAC)
You can now control access and grant granular permissions for Microsoft Defender Vulnerability Management as part of the Microsoft Defender XDR Unified RBAC model. For more information, see Microsoft Defender 365 Unified role-based access control (RBAC). You can add the new permissions to a custom role by selecting them from the Security posture permissions group when creating the role. For more information, see Create custom roles with Microsoft Defender XDR Unified RBAC.
Microsoft Defender Vulnerability Management Standalone is now Generally Available
To learn more about what's included in Microsoft Defender Vulnerability Management plans, see Compare Microsoft Defender Vulnerability Management plans and capabilities.
March 2023
Microsoft Defender Vulnerability Management add-on is now Generally Available. This includes consolidated inventories, new assessments, and mitigation tools to further enhance your vulnerability management program. To learn more about what's included in Microsoft Defender Vulnerability Management plans, see Compare Microsoft Defender Vulnerability Management plans and capabilities.
December 2022
Vulnerability assessment of apps on Microsoft Defender for Endpoint for iOS is now Generally Available. Defender for Endpoint on iOS supports vulnerability assessments of apps only for enrolled (MDM) devices. For more details, see Configure vulnerability assessment of apps.
October 2022
Several Linux platforms have high numbers of CVEs that are reported in official channels as not having a fix available (Red Hat, CentOS, Debian, and Ubuntu). This results in a high volume of non-actionable CVEs appearing in Microsoft Defender Vulnerability Management.
To address this, Defender Vulnerability Management will no longer report such CVEs on the above Linux platforms. The new behavior may lead to reporting of fewer exposed devices and lower organization exposure score.
September 2022
- Vulnerability assessment of apps on Microsoft Defender for Endpoint for iOS is now in public preview. Defender for Endpoint on iOS supports vulnerability assessments of apps only for enrolled (MDM) devices. For more information, see Configure vulnerability assessment of apps. If you are interested in participating in the preview, share your tenant name and ID with us at: mdatpmobile@microsoft.com.
August 2022
Defender Vulnerability Management is now supported for Amazon Linux 2 and Fedora 33 or higher.
Browser extensions APIs
You can now use the new browser extensions APIs to view all browser extensions installed in your organization, including installed versions, permissions requested, and associated risk.Extended software inventory API support for non product code software
A new API is now available and returns all the data for installed software that doesn't have a Common Platform Enumeration(CPE). The information returned by this API, along with the information returned by the Export software inventory assessment API, for software that does have a CPE, gives you full visibility into the software installed across your organization and the devices it's installed on.
May 2022
- Security baselines assessment: Create and manage baseline profiles to monitor the posture of your devices against their desired security state.
- Blocking vulnerable applications: Give security admins the ability to block all currently known vulnerable versions of an application.
- Browser extensions assessment: View all browser extensions installed on devices in your organization, including installed versions, permissions requested, and associated risk.
- Digital certificates assessment: View certificate details on devices in your organization, including expiration date, algorithm used, and key size.
- Network shares analysis: View information about exposed network shares and the recommendations that can help protect against vulnerabilities that could be exploited by attackers.
For more information on what's new with other Microsoft Defender security products, see: