Defender Antivirus File Extension Exclusion

This guide will allow administrators to specify a file extension that will be excluded from Defender Antivirus interference.

Role Requirements

Procedure Scope: Administrators

Required Group Membership: Admin.Security

Handbook Reference

Package: Device Security

Domain: Antivirus Management

Modifies: Defender Antivirus File Extension Exclusions

Defender Antivirus File Extension Exclusion

  1. Navigate to Antivirus – Intune, locate the Security Essentials Defender Exclusions configuration item.
  2. Scroll down to Configuration Settings and select Edit.
  3. Find the Excluded Extensions line item and click the radio button to the right to Configured.
  4. In the box below, enter the types of file extensions in which Defender Antivirus should ignore. It is recommended that these are not commonly malicious file extensions – such as .exe, .cab, .ps1, etc. Enter the extension only, with no periods or spaces.
  5. Click Review and Save on the next page, followed by Save. Rule changes propagate in less than 24 hours.

Need Assistance?

Reach out to your Customer Success Manager to discuss how a Sittadel cybersecurity analyst can assist in managing these tasks for you. New to our services? Inquire about arranging a consultation to explore optimizing your Azure environment for painless management.