The update to Microsoft Defender for Mobile will log open Wi-Fi and suspicious certificate detections as events instead of alerts starting late May 2025. This change aims to reduce alert fatigue and improve triage efficiency. No action is required from admins, and current security settings remain unchanged. GCC organizations can disregard this message.
Applies to: Microsoft Defender XDR
Source: mc.merill.net — data via Merill Fernando's open archive (MIT).