Microsoft Defender ATP Now Warns of Jailbroken iPhones, iPads

Microsoft has added support for detecting jailbroken iOS devices to Microsoft Defender for Endpoint, the enterprise version of its Windows 10 Defender antivirus.

The new detection capability now available in the enterprise endpoint security platform (previously known as Microsoft Defender Advanced Threat Protection) will warn security teams of both managed and unmanaged jailbroken iPhones and iPads on their network.

“If it’s detected that a device is jailbroken, an alert is surfaced to the security team in Microsoft 365 Defender,” Microsoft Senior Program Manager Shravan Thota explained.

“The device will then be considered as a high-risk device and this risk score is shared with your app protection or device compliance policies so that you can block it from accessing corporate resources.”

By jailbreaking iOS devices, users gain complete write and execution access by elevating their permissions to root, thus removing all restrictions imposed by Apple on installing applications and customizing the OS behavior.

Since there are no restrictions in place, they can later install potentially malicious applications and, by avoiding updating the device to maintain their root access, they will also expose themselves to attacks by skipping on likely critical security updates.

“These kinds of devices introduce additional risk and a higher probability of a breach to your organization,” Thota added.

Also Read: PDPA Compliance Singapore: 10 Areas to Work on

Microsoft Defender for Endpoint iOS jailbreak alert
Image: Microsoft

With this update, Microsoft has also added mobile application management (MAM) support for non-Intune enrolled Android and iOS devices.

The company also simplified onboarding for iOS end users by allowing admins to push the VPN profile needed for enrollment during the setup configuration process.

These improvements add to previously available capabilities, including:

  • Protection against phishing coming from browsing, email, apps, and messaging platforms 
  • Scans for malware and potentially unwanted apps (on Android) 
  • Blocking of unsafe connections as well as access to sensitive data (on Android) 
  • A unified security experience for SecOps in Microsoft 365 Defender   

This is part of a broader effort to expand the security platform’s capabilities across all popular operating systems with the end goal of allowing security teams to defend all their endpoint users using a unified security solution.

In June 2020, the Microsoft enterprise antivirus expanded to support more non-Windows platforms reaching general availability for Linux customers and public preview for Android. One year later, Redmond added support for macOS as part of a limited preview.

Also Read: What Does a Data Protection Officer Do? 5 Main Things

Two months ago, Microsoft announced that Microsoft Defender for Endpoint also supports Windows 10 on Arm devices.

Outsourced DPO – It is mandatory to appoint a Data Protection Officer. Engage us today.

PDPA Training (SkillsFuture Eligible) – Empower data protection knowledge for your employees.

Vulnerability Assessment Penetration Testing – Find loopholes in your websites, mobile apps or systems.

Privacy Ninja provides GUARANTEED quality and results for the following services: 
DPO-As-A-Service (Outsourced DPO Subscription)
PDPA Compliance Training
DPA Compliance Audit
ital Transformation Consultancy
Data Protection Trustmarks Certification Readiness Consultancy

PDPA Data Protection Software
Vulnerability Assessment & Penetration Testing (VAPT)
Smart Contract Audit

Like & Subscribe:

Categories: Microsoft


Leave a Reply

Your email address will not be published. Required fields are marked *