This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.
We are happy to announce that live response is now in public preview for earlier versions of Windows 10 including 1709, 1803, and 1809.
Each organization has different needs and is on a different timeline for planning, testing, and deploying Windows updates. However, we know that our customers want to have access to the latest security features, no matter what version of Windows 10 they are currently running. We regularly listen to and incorporate this feedback, and this is why we are bringing the live response functionality to these versions of Windows.
To enable this functionality on your Windows client devices, first make sure you have turned on preview features for Microsoft Defender Advanced Threat Protection. Secondly, install the appropriate mandatory security update, as follows:
We are also introducing the ability to download files using a live response command in the background. This enables your Security Operations team to continue investigating an impacted device during a file download.
To download the file in the background, in the live response command console, type the following command:
download <file_path> &
Alternatively, if you are already waiting for a file to download, you can move the download to the background by pressing CTRL + Z.
To bring the file download back to the foreground, in the live response command console, type the following command:
fg <command_id>
Here are some examples:
- Start download in background: download "C:\windows\some_file.exe" &
- Move download back to foreground: fg 1234
To learn more about live response capabilities, see Investigate entities on machines using live response.
Let us know what you think. In the Microsoft 365 security center, on the home screen, select Give feedback. Select the Leave feedback link, and tell us what you think about this and other security features in Microsoft 365.
Thanks, Microsoft Defender ATP team