Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

Description of Microsoft Advanced Threat Analytics v1.8 including Update 1

View products that this article applies to.

This article describes the enhancements in Microsoft Advanced Threat Analytics (ATA) v1.8, and also includes Update 1 for ATA v1.8, for more information, see KB4036650.

Detection enhancements

  • Adds detection of abnormal modification of sensitive groups 
  • Adds detection of suspicious authentication failures (behavioral brute force) 
  • Improves remote execution detection
  • Improves unusual protocol implementation to detect WannaCry malware
  • Enhances Kerberos Golden Ticket detection 

Infrastructure enhancements

  • Single sign-on
  • Better management of suspicious activity: exclusion, deletion and suppression
  • Auditing logs
  • Local collection of events while you are using lightweight gateway
  • Center performance improvements
  • Reports module

For more information, see What's new in ATA 1.8.

↑ Back to the top

How to get this update

Method 1: Microsoft Update

Use Microsoft Update to automatically download and install the update.

Method 2: Microsoft Download Center

The following file is also available for download from the Microsoft Download Center:

Download Download the ATA 1.8 with Update 1 package now.

For more information about how to download Microsoft support files, click the following article number to view the article in the Microsoft Knowledge Base:

119591 How to obtain Microsoft support files from online services

Microsoft scanned this file for viruses. Microsoft used the most current virus-detection software that was available on the date that the file was posted. The file is stored on security-enhanced servers that help prevent any unauthorized changes to the file.

Update detail information


To install this update, you should first install Microsoft Advanced Threat Analytics v1.7 with Update 2 (1.7.5757) or with Update 1 (1.7.5647) or v1.8 (1.8.6645). If you are using version 1.7.5402, you must first upgrade to 1.7.5757.

Registry information

To apply this update, you don't have to make any changes to the registry.

Restart requirement

You may have to restart the computer after you apply this update.

Update replacement information

This update doesn't replace a previously released update.

↑ Back to the top


Learn about the terminology that Microsoft uses to describe software updates.

↑ Back to the top

Keywords: kb, kbexpertiseadvanced, kbfix, atdownload, kbsurveynew, kbqfe

↑ Back to the top

Article Info
Article ID : 4032180
Revision : 20
Created on : 4/10/2020
Published on : 4/10/2020
Exists online : False
Views : 233