Archive Scanning should be enabled
Why This Matters
Archive files like ZIP, RAR, and 7-Zip are common vectors for malware delivery, as malicious content can be hidden inside compressed archives. If archive scanning is disabled, Microsoft Defender Antivirus will not inspect these files during scans, leaving your endpoints vulnerable to threats that arrive in archived form. Enabling this setting ensures comprehensive protection against malware concealed within compressed files.
What Aether365 Checks
This check verifies that Microsoft Defender Antivirus policies in Intune have the "Allow Archive Scanning" setting configured to "Allowed". You can view this result in the Aether365 dashboard under the Defender checks section.