University of Southampton


Installing the Microsoft Defender for Endpoint Installer for macOS

This article explains how to install MS Defender on University-owned macOS computers.

You can download the package “Microsoft Defender for Endpoint” from the Software Centre.


Before you start

iSolutions packaged the Microsoft Defender for Endpoint installer to simplify Microsoft's installation process for unmanaged machines.

During the installation process, Microsoft Defender for Endpoint will also test for the existence of Symantec Endpoint Protection (the University's previous antivirus software offering) and automatically remove it. You can manually check if your device has Symantec Endpoint Protection installed by opening the “Applications” folder and searching for “Symantec Endpoint".

The package requires your macOS device to be connected to the internet during the installation: this is because it needs to licence and update Defender. Once installed, you may disconnect from the internet if required.

Downloading Microsoft Defender may also use a reasonable amount of data during the upgrade. We recommend not to run the package when connected to a mobile phone - unless you have an unlimited data package.

Please note: Microsoft Defender for Endpoint will only install on macOS 10.15 (Catalina) and above (including 12.x Monterey). Please do not use the package if your macOS device is using an older operating system. If you need guidance on finding which macOS your Mac is using, please read the article "Find out which macOS your Mac is using" from the Apple website.


Installing on macOS Catalina, Big Sur or Monterey (10.15 plus 11.x and 12.x)

1. Download the installer from the software download website.

2. If you double click on the package to run it, you may get a prompt that it "...cannot be opened because it is from an unidentified developer":

Dialog box described here above

3. Instead, right-click on the package (or hold the"control" key down on your keyboard and then left-click) then choose "Open". You will then be given the option to "Open" the package:

Dialog box asking if you are sure you want to open the downloaded package

5. The first two screens you will see are:

  1. the standard "Introduction" screen:

  2. and the "Important Information" screen (which is a summary of the most important information covered below):

6. The installer will then display:

  1. the name of the disk that is is going to attempt to install on:
    Installation dialog box displaying the name of the disk

  2. and will ask for elevated permissions:
    Dialog box informing you that installer is trying to install the software

7. It will remind you that a reboot is required and double check that you're in a position to continue:

Dialog box asking for a reboot at the end of the process

8. Microsoft's installer may then ask for permission to access your "Downloads" folder (macOS 10.15+). This is not actually required, so answer "Don't Allow" or "OK" as you wish: 


9. The installer will then move on to the "Running Package Scripts" section. This is where most of the installation actually takes place and can take 5 minutes or more (depending on hardware and internet speed). Please be patient! 


10. The installation will pause while it waits for you to approve Microsoft Defender's System Extension (this is an Apple Security feature that, quite correctly, cannot be automated):


11. Your Operating System will ask you to enable the installation of Microsoft Defender. To allow this action, select the button "Open Security Preferences": 

macOS 10.15

Please note: The system extensions installed by this package are always the newest versions and are compatible with macOS Big Sur.

macOS 11.0+



12. Unlock the Security Preferences by selecting the padlock and typing in your password (macOS 10.15 and above only). 



13. Then click the "Allow" button.


14. The prompt will clear from the Security and Privacy Settings once it has been approved: 

macOS 10.15


macOS 11.0+


Defender for macOS 11.0 and above will give an additional prompt to "allow network content filtering" after the system extensions have been approved. Please also "Allow" this feature:


15. The installation will then resume.


16. On macOS 10.15 and above you may eventually see a brief "Verifying Microsoft Defender" pop up, followed by a notification asking you to allow notifications from Microsoft Defender - you may allow or disallow this as you prefer. We recommend allowing it so that you get obvious notifications of any malware it discovers or update actions it requires:

macOS 10.15


macOS 11.0+



17. You may also see a notification from Microsoft AutoUpdate asking you to confirm that you have read Microsoft's Privacy notice. This is part of the Defender definition update process:


18. Once Defender is fully up-to-date, the installation process needs to be completed by rebooting your system. To do that, select "Restart":


Allowing Microsoft Defender Full Disk Access (macOS version 10.15 and above)

Apple introduced additional security measures on macOS Catalina onward which require you to manually grant Microsoft Defender "Full Disk" access (for example, the ability to read and modify files on your hard disk - without which it cannot scan for and remediate malware).

Step-by-step instructions

1. Select the Microsoft Defender icon will show an "Action recommended" option. Selecting that will open Microsoft Defender:


2. Microsoft Defender will show you what action needs to be taken. Selecting "Fix" will open Security Preferences for you:



3. Unlock the Security Preferences by clicking the padlock and typing in your password.

macOS 10.15

macOS 11.0+


4. Then, under the "Full Disk Access" section, tick the checkbox(s) next to "Microsoft Defender ATP":

macOS 10.15

Microsoft Defender ATP check box ticked and highlighted


macOS 11.0+

Microsoft Defender ATP and Microsoft Defender Security Extensions check boxes ticked and highlighted


5. Basic configuration of Microsoft Defender is now complete. Please read the article "Configuring and Using Microsoft Defender for Endpoint for macOS" for more detailed information on how to use the product as well as how to set your own preferences up


Related content

Configuring and Using Microsoft Defender for Endpoint for macOS

How to download software

Attached files:

Was this article helpful?

If you have any further comments, please put them below.

Please note that feedback is anonymous - if you require a reply or assistance, please raise a ticket via ServiceLine.

Thank you for your feedback, it is much appreciated.

Tweet This Article

Back to List

We use cookies to ensure that we give you the best experience on our website. If you continue without changing your settings, we will assume that you are happy to receive cookies on the University of Southampton website.