Microsoft Secure Score will add a new recommendation to block outbound traffic from mshta.exe in Microsoft Defender for Endpoint, starting public preview in late March 2026. This reduces risk from attacks using mshta.exe, requires admin action to enable, and impacts compliance monitoring and data access.
Applies to: Microsoft Defender XDR
Source: mc.merill.net — data via Merill Fernando's open archive (MIT).