question

StephenCarver-7447 avatar image
0 Votes"
StephenCarver-7447 asked TeemoTang-MSFT commented

Display additional text to clients when they need to perform an action

We are using windows defender and I am trying to set a custom Notification message for the client when encountering a virus. We have set the following GPO setting: “Display additional text to clients when they need to perform an action”. We have also set registry policy manually.

We test the notification policy by introducing a non-malignant virus to the system. Every time we introduce the virus, Defender cleans the virus but does not bring the custom notification.

We have enable “Enhanced Notifications” for Defender and “Security and Maintenance” notifications. I still do not get the custom notification.

Is this GPO setting suppose to come up when the virus is encountered? Any assistance will be appreciated.

windows-10-security
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

If you get help from our reply, please click "Accept Answer" on a reply to help other community members find the helpful reply quickly.
If you resolve issue using your own solution, please share your experience and solution here. It will be very beneficial for other community members who have similar questions.

0 Votes 0 ·

1 Answer

TeemoTang-MSFT avatar image
0 Votes"
TeemoTang-MSFT answered

Let’s check the explanation of the policy: Display additional text to clients when they need to perform an action.
This policy setting allows you to configure whether or not to display additional text to clients when they need to perform an action. The text displayed is a custom administrator-defined string.
Only when users need to perform an action then the addition text will display, if the virus has been removed by Defender automatically without user action, the customized notification should not be displayed.
Maybe your non-malignant virus cannot act as a real virus which can make Defender provides a prompt for users to perform an action then trigger the additional text notification.
Besides, this GPO seems only works on Windows Enterprise edition.
110799-image.png

In fact, your current notification configurations are correct, we don’t need to do additional settings, when clients occurred a real virus and defender detects it, it will prompts a notification.
More information here:
https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/use-group-policy-microsoft-defender-antivirus?view=o365-worldwide


If the Answer is helpful, please click "Accept Answer" and upvote it.
Information posted in the given link is hosted by a third party. Microsoft does not guarantee the accuracy and effectiveness of information.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.



image.png (251.0 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.