


Tamper protection is on, tampering operations are blocked Tampering operations are logged, but not blocked Tamper protection is completely off (this is the default mode after installation) You can set tamper protection in the following modes: Topic This capability also helps important security files, processes, and configuration settings from being tampered. Tamper protection helps prevent unauthorized removal of Microsoft Defender for Endpoint on macOS. Tamper protection in macOS helps prevent unwanted changes to security settings from being made by unauthorized users. Want to experience Defender for Endpoint? Sign up for a free trial. Microsoft Defender for Endpoint (MDE) on Mac currently supports macOS versions Ventura (13), Monterey (12) and Big Sur (11).Protect macOS security settings with tamper protection.To eliminate risk of losing protection, ensure to update all macOS devices in your environment to a macOS version newer than macOS Catalina. On December 15, 2022, if your environment still has macOS devices running macOS version Catalina (10.15), after the change any macOS Catalina machine running Microsoft Defender for Endpoint (Mac) will remain protected until the agent expiration, however it will fail to update (error will be logged in /Library/Logs/Microsoft/autoupdate.log ). Action: review version of macOS devices in your environment and ensure macOS devices that are still running macOS version Catalina 10.15 are updated to a more recent macOS version.Microsoft Defender for Endpoint will no longer support macOS version Catalina (10.15) as Apple ended support for Catalina (10.15) in December 2022. Note: this message applies only to organizations with macOS devices in their environments.
