Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Endpoint Security

Microsoft Brings Windows Defender ATP to Windows 7, 8.1

Microsoft on Monday announced plans to make Windows Defender Advanced Threat Protection (ATP) available for Windows 7 SP1 and Windows 8.1 devices.

Microsoft on Monday announced plans to make Windows Defender Advanced Threat Protection (ATP) available for Windows 7 SP1 and Windows 8.1 devices.

First announced in early 2016, Windows Defender ATP was packed in Windows 10 in an attempt to harden the platform and provide users with a unified endpoint security tool.

Improvements made to Windows Defender ATP since include protection against code injection attacks, detection of suspicious PowerShell activities, and the ability to fend off emerging threats via Windows Defender Exploit Guard.

While these enhancements make Windows 10 a more secure platform, organizations that use a mixture of Windows 7 and Windows 10 devices remain exposed to attacks, and Microsoft aims at tackling the issue with the addition of support for older platform iterations in Windows Defender ATP.

“Starting this summer, customers moving to Windows 10 can add Windows Defender ATP Endpoint Detection & Response (EDR) functionality to their Windows 7, and Windows 8.1 devices, and get a holistic view across their endpoints,” Rob Lefferts, Partner Director, Windows & Devices Group, Security & Enterprise, Microsoft, notes in a blog post.

Windows 7 and Windows 8.1 will get a behavioral based EDR solution to provide insight into threats on an organization’s endpoints. All events are logged in the Windows Defender Security Center, which is the cloud-based console for Windows Defender ATP.

“Security teams benefit from correlated alerts for known and unknown adversaries, additional threat intelligence, and a detailed machine timeline for further investigations and manual response options,” Lefferts notes.

He also notes that the solution will allow organizations to run third-party antivirus solutions on the endpoints, although pairing it with Windows Defender Antivirus (also known as System Center Endpoint Protection (SCEP) for down-level) would be the best option. The advantage when using it with Windows Defender Antivirus would be that both malware detections and response actions would be available in the same console.

Microsoft plans on providing its customers with access to a public preview of the down-level EDR solution in spring, so that security teams would learn more on what the solution has to offer in terms of detecting suspicious behavior on Windows 7 and Windows 8.1 devices.

Making Windows Defender ATP available for older Windows releases is only one more step Microsoft makes in its attempt to broaden the availability of its security product. In November, the company announced partnerships to bring the tool to macOS, Linux, iOS, and Android devices as well.

On Monday, SentinelOne revealed plans to bring Windows Defender ATP to its Mac and Linux users too, courtesy of integration with the SentinelOne Endpoint Protection Platform (EPP). The company is already providing customers with beta access to the solution.

Once the planned integration is complete, new events from onboarded MacOS and Linux devices will start natively surfacing into the Windows Defender ATP console, without the need for additional infrastructure, the company says.

“With Windows Defender ATP for Windows 10, Windows Server 2012R2 and 2016, now for Windows 7 and Windows 8.1 and our partner integration for non-Windows devices, we give security teams a single solution to detect and respond to advanced attacks across the majority of their endpoints,” Lefferts concludes.

Related: Windows 10 Detects Reflective DLL Loading: Microsoft

Related: Windows 10 Exploit Guard Boosts Endpoint Defenses

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content

Application Security

Electric car maker Tesla is using the annual Pwn2Own hacker contest to incentivize security researchers to showcase complex exploit chains that can lead to...

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...

CISO Strategy

Varied viewpoints as related security concepts take on similar traits create substantial confusion among security teams trying to evaluate and purchase security technologies.

Endpoint Security

Today, on January 10, 2023, Windows 7 Extended Security Updates (ESU) and Windows 8.1 have reached their end of support dates.

Application Security

Software maker Adobe has rolled out its first batch of security patches for 2023 with fixes for at least 29 security vulnerabilities in a...

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...

Endpoint Security

Apple has launched a new security research blog and website, which will also be the new home of the company’s bug bounty program.