Information
This policy setting manages whether or not Microsoft Defender Antivirus scans excluded files and directories when running a Quick Scan.
The recommended state for this setting is: If you set this setting to 1, all files and directories that are excluded from real-time protection using contextual exclusions are scanned during a quick scan
Note: As of the publication of this Benchmark, the setting configuration state in Intune is the sentence above after
The recommended state for this setting is:
and not
1
as the title states. This was done to keep title length to a minimum.
The Real-time Protection feature excludes some files and directories for contextual reasons. This setting ensures that these are scanned during a Quick Scan.
Solution
To establish the recommended configuration via configuration profiles, set the following Settings Catalog path to If you set this setting to 1, all files and directories that are excluded from real-time protection using contextual exclusions are scanned during a quick scan
Defender\Quick Scan Include Exclusions
Impact:
A Quick Scan could take longer when including the contextually excluded files and directories.