Microsoft Defender Vulnerability Management Now Supports Firmware Assessments

Network Security

Microsoft has released a new update for its Microsoft Defender vulnerability management service. The latest release enables IT admins to assess the firmware security of client devices in their organization.

Microsoft Defender vulnerability management was launched back in May this year. It’s a built-in module in Defender for Endpoint that can discover vulnerabilities and misconfigurations across on Windows, macOS, Linux, iOS, and Android. The Defender vulnerability management tool continuously prioritizes critical vulnerabilities and provides recommendations to mitigate security risks.

“Microsoft Defender Vulnerability Management new firmware assessments feature provides customers with full visibility into device manufacturer, processor and BIOS information. Customers who have access to Microsoft Defender Vulnerability Management add-on will be able to see their organization’s exposure to firmware vulnerabilities, remediation instructions and recommended firmware versions to deploy,” the company explained.

The new hardware and firmware assessments feature allows IT admins to view a list of hardware and firmware in all client devices. Moreover, it provides information about the inventory of BIOS, processors, and systems. The feature details the number of weaknesses and exposed devices as well as shows threat insights.

To access the hardware and firmware assessment page, IT admins will need to head over to the Microsoft 365 Defender portal. Select Inventories >> Hardware & Firmware under the Vulnerability management navigation menu.

Microsoft Defender Vulnerability Management Now Supports Firmware Assessments

Microsoft Defender Vulnerability Management protects client devices against firmware attacks

Microsoft highlights that threat actors are increasingly targeting hardware and firmware components. The new feature should provide complete visibility into the security posture of these components to protect client devices against cyber threats.

If you’re interested, you can sign up for the Microsoft Defender Vulnerability Management public preview today. Microsoft expects to make this service generally available for everyone in the coming months. It will be available as a standalone product ($3 per user per month) as well as an add-on to Microsoft Defender for Endpoint Plan 2 subscribers ($2 per user per month).