Deploy updates for Microsoft Defender for Endpoint on Linux
Want to experience Defender for Endpoint? Sign up for a free trial.
Microsoft regularly publishes software updates to improve performance, security, and to deliver new features.
Each version of Defender for Endpoint on Linux has an expiration date, after which it will no longer continue to protect your device. You must update the product prior to this date. To check the expiration date, run the following command:
mdatp health --field product_expiration
Generally available Microsoft Defender for Endpoint capabilities are equivalent regardless update channel used for a deployment (Beta (Insider), Preview (External), Current (Production)).
To update Defender for Endpoint on Linux manually, execute one of the following commands:
RHEL and variants (CentOS and Oracle Linux)
sudo yum update mdatp
SLES and variants
sudo zypper update mdatp
Ubuntu and Debian systems
sudo apt-get install --only-upgrade mdatp
When integrating Microsoft Defender for Endpoint and Defender for Cloud, the mdatp agent will automatically receive updates by default.