Support Tip: Updates to Microsoft Defender ATP baseline

This post has been republished via RSS; it originally appeared at: Intune Customer Success articles.

For customers who are taking advantage of Microsoft Endpoint Manager’s Security Baselines for Microsoft Defender ATP, you might notice a banner in the UI of the Device Management admin console indicating a new baseline version has been released with this iteration.


MDATP baselines.jpg

Existing profiles will continue to work as expected – no action is needed.

To make any changes/customizations to settings within a profile that has an updated baseline available, Microsoft requires you update that profile to a supported version of a baseline and make your changes.


You can select the two versions of the baseline and then choose ‘Compare baselines’ to download a CSV file that details those differences. There are changes in these areas:

  • BitLocker,
  • Windows Hello for Business,
  • Exploit Protection,
  • Folder protection,
  • Credential guard,
  • SmartScreen,
  • and Application Guard

When you are ready, the update process can be started by selecting ‘Profiles’ under the Microsoft Defender ATP baseline, select ‘Change Version’. To learn more, see “Change the baseline version for a profile“.


REMEMBER: these articles are REPUBLISHED. Your best bet to get a reply is to follow the link at the top of the post to the ORIGINAL post! BUT you're more than welcome to start discussions here:

This site uses Akismet to reduce spam. Learn how your comment data is processed.