This is the updated “matrix” of OS supported for the almost 80 features, services, and important components that make up Microsoft Defender for Endpoint. This follows up on my March 2022 release of the comparison.

What’s new?

  • Now available in Excel format, which was the biggest request 🙂
  • Added the new Microsoft Defender Vulnerability Management capabilities (add-on license required)
  • Added macOS tamper protection support
  • Added macOS network and web protection
  • Added iOS and Android’s mobile network protection
  • Added Linux cloud-delivered protection support
  • Added Windows troubleshooting mode
  • Added macOS, iOS, and Android support for network indicators of compromise
  • Updated host firewall reporting supported OSs
  • Updated attack surface reduction (ASR) rule supported Windows and Windows Server versions
  • Updated block at first sight (BAFS) supported OSs (thanks Polle Vanhoof + Thomas Verheyden)
  • Updated Windows Server support for indicators of compromise (thanks Polle Vanhoof + Thomas Verheyden)
  • Removed preview references for the unified agent for Windows Server 2012 R2 and 2016

Obligatory disclaimers:

  • This is provided without warranty and only my best effort.  This stuff isn’t always obvious in the documentation, so expect updates to refine accuracy over time.
  • Where I have used a green check ✓ to note support, this doesn’t mean all versions of that OS, but it does mean all MDE-supported versions of that OS.  For example, macOS is supported for the three latest versions, and Windows 10 from 1607.  Similarly, Linux is complicated.  If in doubt, ask me or look up the docs.
  • For the most part, I have gone by what the docs say.  Why point this out?  For example, my friend Rudy Ooms has previously pointed out that some ASR rules apply on OSs that aren’t officially listed in Microsoft’s docs (this was before the unified solution became available).  The point is: the docs don’t always reflect what really works.  I’ve stuck to the docs because if you ever need support, that’s what you’ll have to help.  In some cases, the docs say nothing about the OS version required, so I’ve had to figure it out myself or make a presumption based on other information (the new MDVM capabilities are a good example of this).
  • If you notice any errors or have suggestions for improvement, let me know!

You can download it below.

Or check it out in this (probably compressed and squashed) image below.

Tags: