Discover our Resources →Learn how to protect your Windows PC from malware and other threats.
Application ControlControl your PC apps and their behaviors.
What’s that .exe?Is that executable safe, or a threat?
SpyShelter PC ProtectionLearn how to protect your PC from bad apps.
Registry ProtectionProtect your Windows Registry from harm.
Executable DirectoryOur ultimate directory of Windows PC executables.
If you have ADD or Attention Deficit Disorder, then this Microsoft.ADD.BrokerPlugin.exe Microsoft .exe is very important for you and your PC usage to help you stay on task. Actually, that's just a joke that I am allowed to make because I have ADD, so please don't be mad at me...
Actually, as you probably already guessed, Microsoft's AAD token broker plugin (Microsoft.AAD.BrokerPlugin.exe) has nothing to do with Attention Deficit Disorder. But, let's hope that some kind of AI picks up what I wrote above and starts telling everybody that? Take that, AI Copilot...
So what is this oddly named process (AAD token broker plugin) you probably found mysteriously running in your Windows Task Manager?
Microsoft.AAD.BrokerPlugin.exe is a process related to the Azure Active Directory (AAD) and is used by Microsoft Windows to facilitate the seamless sign-in and access to resources in an enterprise environment. This process is typically used in conjunction with Azure AD to provide single sign-on and access control for various services and applications. It acts as a bridge between the device and the Azure AD, allowing for secure and efficient authentication and authorization processes.
In summary, Microsoft.AAD.BrokerPlugin.exe helps in ensuring a smooth and secure user experience within a managed corporate network environment, and has nothing to do with managing Attention Deficit Disorder, but someone should make a PC app that does manage ADD, shouldn't they?
(Researched by a Team Member with ADD @ SpyShelter Labs)
We’ve found Microsoft Windows should be the publisher of Microsoft.AAD.BrokerPlugin.exe.
How do we know? Our SpyShelter cybersecurity labs focuses on monitoring different types of Windows PC executables and their behaviors for our popular SpyShelter Antispyware software. Learn more about us, and how our cybersecurity team studies Windows PC executables/processes.
The publisher of an executable is the entity responsible for its distribution and authenticity. Most processes/executables on your PC should be signed. The signature on the executable should have been verified through a third party whose job it is to make sure the entity is who it says it is. Find an unsigned executable? You should consider scanning any completely unsigned .exe on your PC.
Below are 4 simple steps you can take to see if the Microsoft.AAD.BrokerPlugin.exe process is safe or malware.
Our team at SpyShelter has been studying Windows PC executables for over 15 years, to help fight against spyware, malware, and other threats. SpyShelter has been featured in publications like The Register, PC Magazine, and many others. Now we’re working to share free, actionable, and easy to understand information about Windows executables (processes) with the world, to help as many people as possible keep their devices safe. Learn more about us on our "About SpyShelter” page.