Share via

Malware protection in Microsoft 365

Malware refers to viruses, spyware, ransomware, and any other malicious software meant to steal data or harm computer systems. Microsoft 365 systems include anti-malware solutions, such as Microsoft Defender antivirus detection, to prevent malware introduction by a client or Microsoft 365 server. Anti-malware software is a principal mechanism used to protect Microsoft 365 assets from malicious software, providing both preventive and detective measures against malicious software.

At least daily, anti-malware solutions track software versions and known malware signatures to make detections. The following functions are centrally managed on each endpoint for each service team:

  • Automatic scans of the environment
  • Periodic scans of the file system (at least weekly)
  • Real-time scans of files upon download, opening, or execution
  • Automatic download and application of signature updates at least daily from the vendor's virus definition site
  • Alerting, cleaning, and mitigation of detected malware

Upon malware detection, anti-malware solutions track and alert the responsible Microsoft incident response team to initiate the incident response process.

Protection against malware is a shared responsibility. See Exchange Online Protection, Microsoft Defender for Office 365, and Shared ransomware protection for more information on how Microsoft 365 can help secure your data.