From 533446960dd0f0f48cdeaa470be2f0a947e93f2b Mon Sep 17 00:00:00 2001 From: illfated Date: Sat, 15 Feb 2020 14:44:23 +0100 Subject: [PATCH 01/49] chore: MarkDown Note marker compatibility spacing **Description:** - Hololens directory This PR is a standalone attempt to standardize the MarkDown Note bubbles by adding the recommended single space after the quote marker. MarkDown codestyle consistency is the main goal here. **Changes proposed:** - Add single space between the quote marker and the text [!NOTE] - Add the same spacing to the connected text lines in the same bubble - Do the same to other nearby notes [!TIP], [!WARNING], [!IMPORTANT] - Standardize on uppercase [!NOTE] instead of mixed casing ( [!Note] ) - Remove incorrect space in code block syntax highlighting **Ticket reference or closure:** None that I know of (at least not yet). **Additional notes:** I have split this modification chore into sub-folder sections to keep the number of files within a reasonably manageable amount. --- .../hololens-commercial-infrastructure.md | 12 +++--- devices/hololens/hololens-cortana.md | 4 +- devices/hololens/hololens-encryption.md | 16 ++++---- devices/hololens/hololens-enroll-mdm.md | 4 +- devices/hololens/hololens-insider.md | 4 +- devices/hololens/hololens-kiosk.md | 32 ++++++++-------- devices/hololens/hololens-known-issues.md | 14 +++---- devices/hololens/hololens-provisioning.md | 38 +++++++++---------- devices/hololens/hololens-recovery.md | 8 ++-- devices/hololens/hololens-updates.md | 4 +- 10 files changed, 68 insertions(+), 68 deletions(-) diff --git a/devices/hololens/hololens-commercial-infrastructure.md b/devices/hololens/hololens-commercial-infrastructure.md index 568bbe92e5..b7378d0411 100644 --- a/devices/hololens/hololens-commercial-infrastructure.md +++ b/devices/hololens/hololens-commercial-infrastructure.md @@ -64,8 +64,8 @@ Guides only require network access to download and use the app. ## Azure Active Directory Guidance ->[!NOTE] ->This step is only necessary if your company plans on managing the HoloLens and mixed reality apps. +> [!NOTE] +> This step is only necessary if your company plans on managing the HoloLens and mixed reality apps. 1. Ensure that you have an Azure AD License. Please [HoloLens Licenses Requirements](hololens-licenses-requirements.md)for additional information. @@ -99,8 +99,8 @@ These steps ensure that your company’s users (or a group of users) can add dev ### Ongoing device management ->[!NOTE] ->This step is only necessary if your company plans on managing the HoloLens and mixed reality apps. +> [!NOTE] +> This step is only necessary if your company plans on managing the HoloLens and mixed reality apps. Ongoing device management will depend on your mobile device management infrastructure. Most have the same general functionality but the user interface may vary widely. 1. [CSPs (Configuration Service Providers)](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices) allows you to create and deploy management settings for the devices on your network. Some CSPs are supported by HoloLens devices. (See the list of CSPs for HoloLens [here](https://docs.microsoft.com/windows/client-management/mdm/configuration-service-provider-reference#csps-supported-in-hololens-devices)). @@ -150,8 +150,8 @@ Steps for SCEP can be found [here](https://docs.microsoft.com/intune/protect/cer ### How to Upgrade to Holographics for Business Commercial Suite ->[!NOTE] ->Windows Holographics for Business (commercial suite) is only intended for HoloLens 1st gen devices. The profile will not be applied to HoloLens 2 devices. +> [!NOTE] +> Windows Holographics for Business (commercial suite) is only intended for HoloLens 1st gen devices. The profile will not be applied to HoloLens 2 devices. Directions for upgrading to the commercial suite can be found [here](https://docs.microsoft.com/intune/configuration/holographic-upgrade). diff --git a/devices/hololens/hololens-cortana.md b/devices/hololens/hololens-cortana.md index 82ded27dd3..05d9a46105 100644 --- a/devices/hololens/hololens-cortana.md +++ b/devices/hololens/hololens-cortana.md @@ -36,8 +36,8 @@ Get around HoloLens faster with these basic commands. In order to use these you Use these commands throughout Windows Mixed Reality to get around faster. Some commands use the gaze cursor, which you bring up by saying “select.” ->[!NOTE] ->Hand rays are not supported on HoloLens (1st Gen). +> [!NOTE] +> Hand rays are not supported on HoloLens (1st Gen). | Say this | To do this | | - | - | diff --git a/devices/hololens/hololens-encryption.md b/devices/hololens/hololens-encryption.md index 6c8b9118e6..af44d41fb3 100644 --- a/devices/hololens/hololens-encryption.md +++ b/devices/hololens/hololens-encryption.md @@ -51,22 +51,22 @@ Provisioning packages are files created by the Windows Configuration Designer to 1. Find the XML license file that was provided when you purchased the Commercial Suite. 1. Browse to and select the XML license file that was provided when you purchased the Commercial Suite. - >[!NOTE] - >You can configure [additional settings in the provisioning package](hololens-provisioning.md). + > [!NOTE] + > You can configure [additional settings in the provisioning package](hololens-provisioning.md). 1. On the **File** menu, click **Save**. 1. Read the warning explaining that project files may contain sensitive information and click **OK**. - >[!IMPORTANT] - >When you build a provisioning package, you may include sensitive information in the project files and provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when no longer needed. + > [!IMPORTANT] + > When you build a provisioning package, you may include sensitive information in the project files and provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when no longer needed. 1. On the **Export** menu, click **Provisioning package**. 1. Change **Owner** to **IT Admin**, which will set the precedence of this provisioning package higher than provisioning packages applied to this device from other sources, and then select **Next**. 1. Set a value for **Package Version**. - >[!TIP] - >You can make changes to existing packages and change the version number to update previously applied packages. + > [!TIP] + > You can make changes to existing packages and change the version number to update previously applied packages. 1. On the **Select security details for the provisioning package**, click **Next**. 1. Click **Next** to specify the output location where you want the provisioning package to go once it's built. By default, Windows ICD uses the project folder as the output location. @@ -87,8 +87,8 @@ Provisioning packages are files created by the Windows Configuration Designer to 1. The device will ask you if you trust the package and would like to apply it. Confirm that you trust the package. 1. You will see whether the package was applied successfully or not. If it failed, you can fix your package and try again. If it succeeded, proceed with device setup. ->[!NOTE] ->If the device was purchased before August 2016, you will need to sign into the device with a Microsoft account, get the latest OS update, and then reset the OS in order to apply the provisioning package. +> [!NOTE] +> If the device was purchased before August 2016, you will need to sign into the device with a Microsoft account, get the latest OS update, and then reset the OS in order to apply the provisioning package. ## Verify device encryption diff --git a/devices/hololens/hololens-enroll-mdm.md b/devices/hololens/hololens-enroll-mdm.md index dc042a0f9f..c8b54ac1f2 100644 --- a/devices/hololens/hololens-enroll-mdm.md +++ b/devices/hololens/hololens-enroll-mdm.md @@ -20,8 +20,8 @@ appliesto: You can manage multiple Microsoft HoloLens devices simultaneously using solutions like [Microsoft Intune](https://docs.microsoft.com/intune/windows-holographic-for-business). You will be able to manage settings, select apps to install and set security configurations tailored to your organization's need. See [Manage devices running Windows Holographic with Microsoft Intune](https://docs.microsoft.com/intune/windows-holographic-for-business), the [configuration service providers (CSPs) that are supported in Windows Holographic](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/configuration-service-provider-reference#hololens), and the [policies supported by Windows Holographic for Business](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#hololenspolicies). ->[!NOTE] ->Mobile device management (MDM), including the VPN, Bitlocker, and kiosk mode features, is only available when you [upgrade to Windows Holographic for Business](hololens1-upgrade-enterprise.md). +> [!NOTE] +> Mobile device management (MDM), including the VPN, Bitlocker, and kiosk mode features, is only available when you [upgrade to Windows Holographic for Business](hololens1-upgrade-enterprise.md). ## Requirements diff --git a/devices/hololens/hololens-insider.md b/devices/hololens/hololens-insider.md index 633f296a3e..2fa165c778 100644 --- a/devices/hololens/hololens-insider.md +++ b/devices/hololens/hololens-insider.md @@ -46,8 +46,8 @@ To opt out of Insider builds: Please use [the Feedback Hub app](hololens-feedback.md) on your HoloLens to provide feedback and report issues. Using Feedback Hub ensures that all necessary diagnostics information is included to help our engineers quickly debug and resolve the problem. Issues with the Chinese and Japanese version of HoloLens should be reported the same way. ->[!NOTE] ->Be sure to accept the prompt that asks whether you’d like Feedback Hub to access your Documents folder (select **Yes** when prompted). +> [!NOTE] +> Be sure to accept the prompt that asks whether you’d like Feedback Hub to access your Documents folder (select **Yes** when prompted). ## Note for developers diff --git a/devices/hololens/hololens-kiosk.md b/devices/hololens/hololens-kiosk.md index ae870f5847..e895069d36 100644 --- a/devices/hololens/hololens-kiosk.md +++ b/devices/hololens/hololens-kiosk.md @@ -27,15 +27,15 @@ Kiosk mode | Voice and Bloom commands | Quick actions menu | Camera and video | Single-app kiosk | ![no](images/crossmark.png) | ![no](images/crossmark.png) | ![no](images/crossmark.png) | ![no](images/crossmark.png) Multi-app kiosk | ![yes](images/checkmark.png) | ![yes](images/checkmark.png) with **Home** and **Volume** (default)

Photo and video buttons shown in Quick actions menu if the Camera app is enabled in the kiosk configuration.

Miracast is shown if the Camera app and device picker app are enabled in the kiosk configuration. | ![yes](images/checkmark.png) if the Camera app is enabled in the kiosk configuration. | ![yes](images/checkmark.png) if the Camera app and device picker app are enabled in the kiosk configuration. ->[!NOTE] ->Use the Application User Model ID (AUMID) to allow apps in your kiosk configuration. The Camera app AUMID is `HoloCamera_cw5n1h2txyewy!HoloCamera`. The device picker app AUMID is `HoloDevicesFlow_cw5n1h2txyewy!HoloDevicesFlow`. +> [!NOTE] +> Use the Application User Model ID (AUMID) to allow apps in your kiosk configuration. The Camera app AUMID is `HoloCamera_cw5n1h2txyewy!HoloCamera`. The device picker app AUMID is `HoloDevicesFlow_cw5n1h2txyewy!HoloDevicesFlow`. The [AssignedAccess Configuration Service Provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/assignedaccess-csp) enables kiosk configuration. ->[!WARNING] ->The assigned access feature which enables kiosk mode is intended for corporate-owned fixed-purpose devices. When the multi-app assigned access configuration is applied on the device, certain policies are enforced system-wide, and will impact other users on the device. Deleting the multi-app configuration will remove the assigned access lockdown profiles associated with the users, but it cannot revert all [the enforced policies](https://docs.microsoft.com/windows/configuration/lock-down-windows-10-to-specific-apps#policies-set-by-multi-app-kiosk-configuration). A factory reset is needed to clear all the policies enforced via assigned access. +> [!WARNING] +> The assigned access feature which enables kiosk mode is intended for corporate-owned fixed-purpose devices. When the multi-app assigned access configuration is applied on the device, certain policies are enforced system-wide, and will impact other users on the device. Deleting the multi-app configuration will remove the assigned access lockdown profiles associated with the users, but it cannot revert all [the enforced policies](https://docs.microsoft.com/windows/configuration/lock-down-windows-10-to-specific-apps#policies-set-by-multi-app-kiosk-configuration). A factory reset is needed to clear all the policies enforced via assigned access. > ->Be aware that voice commands are enabled for kiosk mode configured in Microsoft Intune or provisioning packages, even if the Cortana app is not selected as a kiosk app. +> Be aware that voice commands are enabled for kiosk mode configured in Microsoft Intune or provisioning packages, even if the Cortana app is not selected as a kiosk app. For HoloLens devices running Windows 10, version 1803, there are three methods that you can use to configure the device as a kiosk: - You can use [Microsoft Intune or other mobile device management (MDM) service](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803) to configure single-app and multi-app kiosks. @@ -48,15 +48,15 @@ For HoloLens devices running Windows 10, version 1607, you can [use the Windows If you use [MDM, Microsoft Intune](#set-up-kiosk-mode-using-microsoft-intune-or-mdm-windows-10-version-1803), or a [provisioning package](#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803) to configure a multi-app kiosk, the procedure requires a Start layout. Start layout customization isn't supported in Holographic for Business, so you'll need to use a placeholder Start layout. ->[!NOTE] ->Because a single-app kiosk launches the kiosk app when a user signs in, there is no Start screen displayed. +> [!NOTE] +> Because a single-app kiosk launches the kiosk app when a user signs in, there is no Start screen displayed. ### Start layout file for MDM (Intune and others) Save the following sample as an XML file. You can use this file when you configure the multi-app kiosk in Microsoft Intune (or in another MDM service that provides a kiosk profile). ->[!NOTE] ->If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, use the [Start layout instructions for a provisioning package](#start-layout-for-a-provisioning-package). +> [!NOTE] +> If you need to use a custom setting and full XML configuration to set up a kiosk in your MDM service, use the [Start layout instructions for a provisioning package](#start-layout-for-a-provisioning-package). ```xml [!IMPORTANT] - >When you set up HoloLens to use the Device Portal, you must enable **Developer Mode** on the device. **Developer Mode** on a device that has been upgraded to Windows Holographic for Business enables side-loading of apps, which risks the installation of apps that have not been certified by the Microsoft Store. Administrators can block the ability to enable **Developer Mode** using the **ApplicationManagement/AllowDeveloper Unlock** setting in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). [Learn more about Developer Mode.](https://msdn.microsoft.com/windows/uwp/get-started/enable-your-device-for-development#developer-mode) + > [!IMPORTANT] + > When you set up HoloLens to use the Device Portal, you must enable **Developer Mode** on the device. **Developer Mode** on a device that has been upgraded to Windows Holographic for Business enables side-loading of apps, which risks the installation of apps that have not been certified by the Microsoft Store. Administrators can block the ability to enable **Developer Mode** using the **ApplicationManagement/AllowDeveloper Unlock** setting in the [Policy CSP](https://msdn.microsoft.com/library/windows/hardware/dn904962.aspx). [Learn more about Developer Mode.](https://msdn.microsoft.com/windows/uwp/get-started/enable-your-device-for-development#developer-mode) 2. On a PC, connect to the HoloLens using [Wi-Fi](https://developer.microsoft.com/windows/mixed-reality/Using_the_Windows_Device_Portal.html#connecting_over_wi-fi) or [USB](https://developer.microsoft.com/windows/mixed-reality/Using_the_Windows_Device_Portal.html#connecting_over_usb). 3. [Create a user name and password](https://developer.microsoft.com/windows/mixed-reality/Using_the_Windows_Device_Portal.html#creating_a_username_and_password) if this is the first time you connect to the Windows Device Portal, or enter the user name and password that you previously set up. - >[!TIP] - >If you see a certificate error in the browser, follow [these troubleshooting steps](https://developer.microsoft.com/windows/mixed-reality/Using_the_Windows_Device_Portal.html#security_certificate). + > [!TIP] + > If you see a certificate error in the browser, follow [these troubleshooting steps](https://developer.microsoft.com/windows/mixed-reality/Using_the_Windows_Device_Portal.html#security_certificate). 4. In the Windows Device Portal, click **Kiosk Mode**. ![Kiosk Mode](images/kiosk.png) - >[!NOTE] - >The kiosk mode option will be available if the device is [enrolled in device management](hololens-enroll-mdm.md) and has a [license to upgrade to Windows Holographic for Business](hololens1-upgrade-enterprise.md). + > [!NOTE] + > The kiosk mode option will be available if the device is [enrolled in device management](hololens-enroll-mdm.md) and has a [license to upgrade to Windows Holographic for Business](hololens1-upgrade-enterprise.md). 5. Select **Enable Kiosk Mode**, choose an app to run when the device starts, and click **Save**. @@ -210,4 +210,4 @@ Use the following snippet in your kiosk configuration XML to enable the **Guest* ## More information Watch how to configure a kiosk in a provisioning package. ->[!VIDEO https://www.microsoft.com/videoplayer/embed/fa125d0f-77e4-4f64-b03e-d634a4926884?autoplay=false] \ No newline at end of file +> [!VIDEO https://www.microsoft.com/videoplayer/embed/fa125d0f-77e4-4f64-b03e-d634a4926884?autoplay=false] diff --git a/devices/hololens/hololens-known-issues.md b/devices/hololens/hololens-known-issues.md index 3cb3f43717..c508f805e5 100644 --- a/devices/hololens/hololens-known-issues.md +++ b/devices/hololens/hololens-known-issues.md @@ -19,8 +19,8 @@ This is the current list of known issues for HoloLens that affect developers. Ch ## Unable to connect and deploy to HoloLens through Visual Studio ->[!NOTE] ->Last Update: 8/8 @ 5:11PM - Visual Studio has released VS 2019 Version 16.2 which includes a fix to this issue. We recommend updating to this newest version to avoid experiencing this error. +> [!NOTE] +> Last Update: 8/8 @ 5:11PM - Visual Studio has released VS 2019 Version 16.2 which includes a fix to this issue. We recommend updating to this newest version to avoid experiencing this error. Visual Studio has released VS 2019 Version 16.2 which includes a fix to this issue. We recommend updating to this newest version to avoid experiencing this error. @@ -36,14 +36,14 @@ Our team is currently working on a fix. In the meantime, you can use the followi 1. Give the project a name (such as "HoloLensDeploymentFix") and make sure the Framework is set to at least .NET Framework 4.5, then Select **OK**. 1. Right-click on the **References** node in Solution Explorer and add the following references (select to the **Browse** section and select **Browse**): - ``` CMD + ```CMD C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x86\Microsoft.Tools.Deploy.dll C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x86\Microsoft.Tools.Connectivity.dll C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x86\SirepInterop.dll ``` - >[!NOTE] - >If you don't have 10.0.18362.0 installed, use the most recent version that you have. + > [!NOTE] + > If you don't have 10.0.18362.0 installed, use the most recent version that you have. 1. Right-click on the project in Solution Explorer and select **Add** > **Existing Item**. 1. Browse to C:\Program Files (x86)\Windows Kits\10\bin\10.0.18362.0\x86 and change the filter to **All Files (\*.\*)**. @@ -51,14 +51,14 @@ Our team is currently working on a fix. In the meantime, you can use the followi 1. Locate and select both files in Solution Explorer (they should be at the bottom of the list of files) and change **Copy to Output Directory** in the **Properties** window to **Copy always**. 1. At the top of the file, add the following to the existing list of `using` statements: - ``` CMD + ```CMD using Microsoft.Tools.Deploy; using System.Net; ``` 1. Inside of `static void Main(...)`, add the following code: - ``` PowerShell + ```PowerShell RemoteDeployClient client = RemoteDeployClient.CreateRemoteDeployClient(); client.Connect(new ConnectionOptions() { diff --git a/devices/hololens/hololens-provisioning.md b/devices/hololens/hololens-provisioning.md index 7eefba6e17..5d9e3c30a7 100644 --- a/devices/hololens/hololens-provisioning.md +++ b/devices/hololens/hololens-provisioning.md @@ -31,7 +31,7 @@ The HoloLens wizard helps you configure the following settings in a provisioning - Upgrade to the enterprise edition - >[!NOTE] + > [!NOTE] > This should only be used for HoloLens 1st Gen devices. Settings in a provisioning package will only be applied if the provisioning package includes an edition upgrade license to Windows Holographic for Business or if [the device has already been upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md). - Configure the HoloLens first experience (OOBE) @@ -41,8 +41,8 @@ The HoloLens wizard helps you configure the following settings in a provisioning - Enable Developer Mode - Configure kiosk mode. (Detailed instructions for configuring kiosk mode can be found [here](hololens-kiosk.md#set-up-kiosk-mode-using-a-provisioning-package-windows-10-version-1803)). ->[!WARNING] ->You must run Windows Configuration Designer on Windows 10 to configure Azure Active Directory enrollment using any of the wizards. +> [!WARNING] +> You must run Windows Configuration Designer on Windows 10 to configure Azure Active Directory enrollment using any of the wizards. Provisioning packages can include management instructions and policies, customization of network connections and policies, and more. @@ -88,8 +88,8 @@ After you're done, click **Create**. It only takes a few seconds. When the packa ### 3. Create a provisioning package for HoloLens using advanced provisioning ->[!NOTE] ->Settings in a provisioning package will only be applied if the provisioning package includes an edition upgrade license to Windows Holographic for Business or if [the device has already been upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md). +> [!NOTE] +> Settings in a provisioning package will only be applied if the provisioning package includes an edition upgrade license to Windows Holographic for Business or if [the device has already been upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md). 1. On the Windows Configuration Designer start page, select **Advanced provisioning**. 2. In the **Enter project details** window, specify a name for your project and the location for your project. Optionally, enter a brief description to describe your project. @@ -102,15 +102,15 @@ After you're done, click **Create**. It only takes a few seconds. When the packa 7. Expand **Runtime settings** and customize the package with any of the settings [described below](#what-you-can-configure). - >[!IMPORTANT] - >(For Windows 10, version 1607 only) If you create a local account in the provisioning package, you must change the password using the **Settings** app every 42 days. If the password is not changed during that period, the account might be locked out and unable to sign in. If the user account is locked out, you must [perform a full device recovery](https://developer.microsoft.com/windows/mixed-reality/reset_or_recover_your_hololens#perform_a_full_device_recovery). + > [!IMPORTANT] + > (For Windows 10, version 1607 only) If you create a local account in the provisioning package, you must change the password using the **Settings** app every 42 days. If the password is not changed during that period, the account might be locked out and unable to sign in. If the user account is locked out, you must [perform a full device recovery](https://developer.microsoft.com/windows/mixed-reality/reset_or_recover_your_hololens#perform_a_full_device_recovery). 8. On the **File** menu, click **Save**. 4. Read the warning that project files may contain sensitive information, and click **OK**. - >[!IMPORTANT] - >When you build a provisioning package, you may include sensitive information in the project files and in the provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when they are no longer needed. + > [!IMPORTANT] + > When you build a provisioning package, you may include sensitive information in the project files and in the provisioning package (.ppkg) file. Although you have the option to encrypt the .ppkg file, project files are not encrypted. You should store the project files in a secure location and delete the project files when they are no longer needed. 3. On the **Export** menu, click **Provisioning package**. @@ -118,13 +118,13 @@ After you're done, click **Create**. It only takes a few seconds. When the packa 5. Set a value for **Package Version**. - >[!TIP] - >You can make changes to existing packages and change the version number to update previously applied packages. + > [!TIP] + > You can make changes to existing packages and change the version number to update previously applied packages. 6. On the **Select security details for the provisioning package**, click **Next**. - >[!WARNING] - >If you encrypt the provisioning package, provisioning the HoloLens device will fail. + > [!WARNING] + > If you encrypt the provisioning package, provisioning the HoloLens device will fail. 7. Click **Next** to specify the output location where you want the provisioning package to go once it's built. By default, Windows Configuration Designer uses the project folder as the output location. @@ -154,13 +154,13 @@ After you're done, click **Create**. It only takes a few seconds. When the packa 7. You will see whether the package was applied successfully or not. If it failed, you can fix your package and try again. If it succeeded, proceed with OOBE. ->[!NOTE] ->If the device was purchased before August 2016, you will need to sign into the device with a Microsoft account, get the latest OS update, and then reset the OS in order to apply the provisioning package. +> [!NOTE] +> If the device was purchased before August 2016, you will need to sign into the device with a Microsoft account, get the latest OS update, and then reset the OS in order to apply the provisioning package. ### 4. Apply a provisioning package to HoloLens after setup ->[!NOTE] ->Windows 10, version 1809 only +> [!NOTE] +> Windows 10, version 1809 only On your PC: 1. Create a provisioning package as described at [Create a provisioning package for HoloLens using the HoloLens wizard](hololens-provisioning.md). @@ -189,7 +189,7 @@ In Windows Configuration Designer, when you create a provisioning package for Wi | **EditionUpgrade** | [Upgrade to Windows Holographic for Business.](hololens1-upgrade-enterprise.md) | | **Policies** | Allow or prevent developer mode on HoloLens. [Policies supported by Windows Holographic for Business](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/policy-configuration-service-provider#hololenspolicies) | ->[!NOTE] ->App installation (**UniversalAppInstall**) using a provisioning package is not currently supported for HoloLens. +> [!NOTE] +> App installation (**UniversalAppInstall**) using a provisioning package is not currently supported for HoloLens. ## Next Step: [Enroll your device](hololens-enroll-mdm.md) diff --git a/devices/hololens/hololens-recovery.md b/devices/hololens/hololens-recovery.md index c873f08b58..ef751d84d5 100644 --- a/devices/hololens/hololens-recovery.md +++ b/devices/hololens/hololens-recovery.md @@ -74,8 +74,8 @@ If you’re still having problems, press the power button for 4 seconds, until a ## Reset to factory settings ->[!NOTE] ->The battery needs at least 40 percent charge to reset. +> [!NOTE] +> The battery needs at least 40 percent charge to reset. If your HoloLens is still experiencing issues after restarting, try resetting it to factory state. Resetting your HoloLens keeps the version of the Windows Holographic software that’s installed on it and returns everything else to factory settings. @@ -106,8 +106,8 @@ The Advanced Recovery Companion is a new app in Microsoft Store restore the oper 5. On the **Device info** page, select **Install software** to install the default package. (If you have a Full Flash Update (FFU) image that you want to install instead, select **Manual package selection**.) 6. Software installation will begin. Do not use the device or disconnect the cable during installation. When you see the **Installation finished** page, you can disconnect and use your device. ->[!TIP] ->In the event that a HoloLens 2 gets into a state where Advanced Recovery Companion cannot recognize the device, and it does not boot, try forcing the device into Flashing Mode and recovering it with Advanced Recovery Companion: +> [!TIP] +> In the event that a HoloLens 2 gets into a state where Advanced Recovery Companion cannot recognize the device, and it does not boot, try forcing the device into Flashing Mode and recovering it with Advanced Recovery Companion: 1. Connect the HoloLens 2 to a PC with Advanced Recovery Companion installed. 1. Press and hold the **Volume Up and Power buttons** until the device reboots. Release the Power button, but continue to hold the Volume Up button until the third LED is lit. diff --git a/devices/hololens/hololens-updates.md b/devices/hololens/hololens-updates.md index e0b662bd3d..4b9f869d88 100644 --- a/devices/hololens/hololens-updates.md +++ b/devices/hololens/hololens-updates.md @@ -69,8 +69,8 @@ To go back to a previous version of HoloLens (1st gen), follow these steps: # Use policies to manage updates to HoloLens ->[!NOTE] ->HoloLens (1st gen) devices must be [upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md) to manage updates. +> [!NOTE] +> HoloLens (1st gen) devices must be [upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md) to manage updates. To configure how and when updates are applied, use the following policies: From 38de1fc8c9abc9269a56b5aee52105c3b601d5a2 Mon Sep 17 00:00:00 2001 From: Jerry Sitser <36421998+przlplx@users.noreply.github.com> Date: Fri, 21 Feb 2020 14:06:18 -0800 Subject: [PATCH 02/49] Update index.md per CI 114009: In the "Quick reference by topic" table, added a row for "Contact Support" and changed the "topic" text for the "Get support" row to "More support options" --- devices/hololens/index.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/devices/hololens/index.md b/devices/hololens/index.md index 98835e4ce5..5bc8ea689f 100644 --- a/devices/hololens/index.md +++ b/devices/hololens/index.md @@ -50,7 +50,9 @@ appliesto: | [HoloLens user management](hololens-multiple-users.md) | Multiple users can shared a HoloLens device by using their Azure Active Directory accounts. | | [HoloLens application access management](hololens-kiosk.md) | Manage application access for different user groups. | | [Recover and troubleshoot HoloLens issues](https://support.microsoft.com/products/hololens) | Learn how to gather logs from HoloLens, recover a misbehaving device, or reset HoloLens when necessary. | -| [Get support](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in enterprise. | +| [Contact Support](https://support.microsoft.com/en-us/supportforbusiness/productselection) | Create a new support request for the Support for business team. +| [More support options](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in enterprise. +| ## Related resources From 49791a6c665c0dc3a7288c803ef0b395f11159f6 Mon Sep 17 00:00:00 2001 From: Jerry Sitser <36421998+przlplx@users.noreply.github.com> Date: Fri, 21 Feb 2020 14:53:24 -0800 Subject: [PATCH 03/49] Update index.md per CI 114009: additional changes to table: a) moved pipe character from line 55 to end of line 54; b) in row 4, deleted the "d" at the end of "shared" (corrected text: "Multiple users can share a HoloLens device") --- devices/hololens/index.md | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/devices/hololens/index.md b/devices/hololens/index.md index 5bc8ea689f..38305186b9 100644 --- a/devices/hololens/index.md +++ b/devices/hololens/index.md @@ -45,14 +45,13 @@ appliesto: | Topic | Description | | --- | --- | | [What's new in HoloLens](hololens-whats-new.md) | Discover new features in the latest updates via HoloLens release notes. | -| [Install and manage applications on HoloLens](hololens-install-apps.md) | Install and manage important applications on HoloLens at scale. | +| [Install and manage applications on HoloLens](hololens-install-apps.md) | Install and manage important applications on HoloLens at scale. | | [HoloLens update management](hololens-updates.md) | Use mobile device management (MDM) policies to configure settings for updates. | -| [HoloLens user management](hololens-multiple-users.md) | Multiple users can shared a HoloLens device by using their Azure Active Directory accounts. | +| [HoloLens user management](hololens-multiple-users.md) | Multiple users can share a HoloLens device by using their Azure Active Directory accounts. | | [HoloLens application access management](hololens-kiosk.md) | Manage application access for different user groups. | -| [Recover and troubleshoot HoloLens issues](https://support.microsoft.com/products/hololens) | Learn how to gather logs from HoloLens, recover a misbehaving device, or reset HoloLens when necessary. | -| [Contact Support](https://support.microsoft.com/en-us/supportforbusiness/productselection) | Create a new support request for the Support for business team. -| [More support options](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in enterprise. -| +| [Recover and troubleshoot HoloLens issues](https://support.microsoft.com/products/hololens) | Learn how to gather logs from HoloLens, recover a misbehaving device, or reset HoloLens when necessary. | +| [Contact Support](https://support.microsoft.com/en-us/supportforbusiness/productselection) | Create a new support request for the Support for business team. | +| [More support options](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in enterprise. | ## Related resources From c9a4d608f4d246ab2e5f7e1a0808174da72b0a7c Mon Sep 17 00:00:00 2001 From: Jerry Sitser <36421998+przlplx@users.noreply.github.com> Date: Fri, 21 Feb 2020 16:10:45 -0800 Subject: [PATCH 04/49] Update index.md --- devices/hololens/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/hololens/index.md b/devices/hololens/index.md index 38305186b9..c7e4d6b42e 100644 --- a/devices/hololens/index.md +++ b/devices/hololens/index.md @@ -51,7 +51,7 @@ appliesto: | [HoloLens application access management](hololens-kiosk.md) | Manage application access for different user groups. | | [Recover and troubleshoot HoloLens issues](https://support.microsoft.com/products/hololens) | Learn how to gather logs from HoloLens, recover a misbehaving device, or reset HoloLens when necessary. | | [Contact Support](https://support.microsoft.com/en-us/supportforbusiness/productselection) | Create a new support request for the Support for business team. | -| [More support options](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in enterprise. | +| [More support options](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in the enterprise. | ## Related resources From ebc5f6a7a411420078d097c30271b5e26338e23c Mon Sep 17 00:00:00 2001 From: Jerry Sitser <36421998+przlplx@users.noreply.github.com> Date: Fri, 21 Feb 2020 16:24:06 -0800 Subject: [PATCH 05/49] Update index.md --- devices/hololens/index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/hololens/index.md b/devices/hololens/index.md index c7e4d6b42e..0bebe66485 100644 --- a/devices/hololens/index.md +++ b/devices/hololens/index.md @@ -50,7 +50,7 @@ appliesto: | [HoloLens user management](hololens-multiple-users.md) | Multiple users can share a HoloLens device by using their Azure Active Directory accounts. | | [HoloLens application access management](hololens-kiosk.md) | Manage application access for different user groups. | | [Recover and troubleshoot HoloLens issues](https://support.microsoft.com/products/hololens) | Learn how to gather logs from HoloLens, recover a misbehaving device, or reset HoloLens when necessary. | -| [Contact Support](https://support.microsoft.com/en-us/supportforbusiness/productselection) | Create a new support request for the Support for business team. | +| [Contact Support](https://support.microsoft.com/supportforbusiness/productselection) | Create a new support request for the business support team. | | [More support options](https://support.microsoft.com/products/hololens) | Connect with Microsoft support resources for HoloLens in the enterprise. | ## Related resources From 50b36549cfd5220627cf2ef6e738be2599efe85f Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Tue, 25 Feb 2020 16:08:08 -0800 Subject: [PATCH 06/49] doc updates --- .../threat-and-vuln-mgt-scenarios.md | 94 +++++++++++-------- 1 file changed, 55 insertions(+), 39 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md index 9f6f5b45c6..14398b7265 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md @@ -8,8 +8,8 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -ms.author: dolmont -author: DulceMontemayor +ms.author: ellevin +author: levinec ms.localizationpriority: medium manager: dansimp audience: ITPro @@ -18,15 +18,19 @@ ms.topic: article --- # Threat & Vulnerability Management scenarios + **Applies to:** + - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) ->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) +>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink) [!include[Prerelease information](../../includes/prerelease.md)] ## Before you begin + Ensure that your machines: + - Are onboarded to Microsoft Defender Advanced Threat Protection - Run with Windows 10 1709 (Fall Creators Update) or later @@ -47,15 +51,18 @@ Ensure that your machines: - Are tagged or marked as co-managed ## Reduce your threat and vulnerability exposure + Threat & Vulnerability Management introduces a new exposure score metric, which visually represents how exposed your machines are to imminent threats. The exposure score is continuously calculated on each device in the organization and influenced by the following factors: + - Weaknesses, such as vulnerabilities discovered on the device - External and internal threats such as public exploit code and security alerts - Likelihood of the device to get breached given its current security posture - Value of the device to the organization given its role and content The exposure score is broken down into the following levels: + - 0–29: low exposure score - 30–69: medium exposure score - 70–100: high exposure score @@ -65,15 +72,19 @@ You can remediate the issues based on prioritized security recommendations to re To lower down your threat and vulnerability exposure: 1. Review the **Top security recommendations** from your **Threat & Vulnerability Management dashboard**, and select the first item on the list. The **Security recommendation** page opens. - - >>![Top security recommendations](images/tvm_security_recommendations.png) - >[!NOTE] - > There are two types of recommendations: - > - Security update which refers to recommendations that require a package installation - > - Configuration change which refers to recommendations that require a registry or GPO modification - > Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight ![Threat insight](images/tvm_bug_icon.png) icon and possible active alert ![Possible active alert](images/tvm_alert_icon.png) icon. - + There are two types of recommendations: + + - *Security update* which refers to recommendations that require a package installation + - *Configuration change* which refers to recommendations that require a registry or GPO modification + + Always prioritize recommendations that are associated with ongoing threats: + + - ![Threat insight](images/tvm_bug_icon.png) Threat insight icon + - ![Possible active alert](images/tvm_alert_icon.png) Active alert icon + + >![Top security recommendations](images/tvm_security_recommendations.png) + 2. The **Security recommendations** page shows the list of items to remediate. Select the security recommendation that you need to investigate. When you select a recommendation from the list, a fly-out panel will display a description of what you need to remediate, number of vulnerabilities, associated exploits in machines, number of exposed machines and their machine names, business impact, and a list of CVEs. Click **Open software page** option from the flyout panel. ![Details in security recommendations page](images/tvm_security_recommendations_page.png) 3. Click **Installed machines** and select the affected machine from the list to open the flyout panel with the relevant machine details, exposure and risk levels, alert and incident activities. ![Details in software page ](images/tvm_software_page_details.png) @@ -81,13 +92,13 @@ To lower down your threat and vulnerability exposure: 4. Click **Open machine page** to connect to the machine and apply the selected recommendation. See [Investigate machines in the Microsoft Defender ATP Machines list](investigate-machines.md) for details. ![Details in machine page](images/tvm_machine_page_details.png) 5. Allow a few hours for the changes to propagate in the system. - + 6. Review the machine **Security recommendation** tab again. The recommendation you've chosen to remediate is removed from the security recommendation list, and the exposure score decreases. ## Improve your security configuration >[!NOTE] -> Secure score is now part of Threat & Vulnerability Management as [configuration score](configuration-score.md). +> Secure score is now part of Threat & Vulnerability Management as [Configuration score](configuration-score.md). You can improve your security configuration when you remediate issues from the security recommendations list. As you do so, your configuration score improves, which means your organization becomes more resilient against cybersecurity threats and vulnerabilities. @@ -95,14 +106,15 @@ You can improve your security configuration when you remediate issues from the s >![Configuration score widget](images/tvm_config_score.png) -2. Select the first item on the list. The flyout panel will open with a description of the security controls issue, a short description of the potential risk, insights, configuration ID, exposed machines, and business impact. Click **Remediation options**. +2. Select the first item on the list. The flyout panel will open with a description of the security controls issue, a short description of the potential risk, insights, configuration ID, exposed machines, and business impact. Click **Remediation options**. + ![Security controls related security recommendations](images/tvm_security_controls.png) 3. Read the description to understand the context of the issue and what to do next. Select a due date, add notes, and select **Export all remediation activity data to CSV** so you can attach it to the email that you can send to your IT Administrator for follow-up. - >![Request remediation](images/tvm_request_remediation.png). + >![Request remediation](images/tvm_request_remediation.png). - >You will see a confirmation message that the remediation task has been created. + You will see a confirmation message that the remediation task has been created. >![Remediation task creation confirmation](images/tvm_remediation_task_created.png) 4. Save your CSV file. @@ -113,6 +125,7 @@ You can improve your security configuration when you remediate issues from the s 6. Review the machine **Configuration score** widget again. The number of the security controls issues will decrease. When you click **Security controls** to go back to the **Security recommendations** page, the item that you have addressed will not be listed there anymore, and your configuration score should increase. ## Request a remediation + >[!NOTE] >To use this capability, enable your Microsoft Intune connections. Navigate to **Settings** > **General** > **Advanced features**. Scroll down and look for **Microsoft Intune connection**. By default, the toggle is turned off. Turn your **Microsoft Intune connection** toggle on. @@ -134,6 +147,7 @@ See [Use Intune to remediate vulnerabilities identified by Microsoft Defender AT >If your request involves remediating more than 10,000 machines, we can only send 10,000 machines for remediation to Intune. ## File for exception + With Threat & Vulnerability Management, you can create exceptions for recommendations, as an alternative to a remediation request. There are many reasons why organizations create exceptions for a recommendation. For example, if there's a business justification that prevents the company from applying the recommendation, the existence of a compensating or alternative control that provides as much protection than the recommendation would, a false positive, among other reasons. @@ -142,7 +156,6 @@ Exceptions can be created for both *Security update* and *Configuration change* When an exception is created for a recommendation, the recommendation is no longer active. The recommendation state changes to **Exception**, and it no longer shows up in the security recommendations list. - 1. Navigate to the **Security recommendations** page under the **Threat & Vulnerability Management** section menu. 2. Click the top-most recommendation. A flyout panel opens with the recommendation details. @@ -157,10 +170,10 @@ When an exception is created for a recommendation, the recommendation is no long 5. Click **Submit**. A confirmation message at the top of the page indicates that the exception has been created. ![Screenshot of exception confirmation message](images/tvm-exception-confirmation.png) -6. Navigate to the **Remediation** page under the **Threat & Vulnerability Management** menu and click the **Exceptions** tab to view all your exceptions (current and past). -![Screenshot of exception list of exceptions in the Remediation page](images/tvm-exception-list.png) +6. Navigate to the **Remediation** page under the **Threat & Vulnerability Management** menu and click the **Exceptions** tab to view all your exceptions (current and past). +![Screenshot of exception list of exceptions in the Remediation page](images/tvm-exception-list.png) -## Use advanced hunting query to search for machines with High active alerts or critical CVE public exploit +## Use advanced hunting query to search for machines with High active alerts or critical CVE public exploit 1. Go to **Advanced hunting** from the left-hand navigation pane. @@ -169,38 +182,41 @@ When an exception is created for a recommendation, the recommendation is no long 3. Enter the following queries: ```kusto -// Search for machines with High active alerts or Critical CVE public exploit -DeviceTvmSoftwareInventoryVulnerabilities -| join kind=inner(DeviceTvmSoftwareVulnerabilitiesKB) on CveId +// Search for machines with High active alerts or Critical CVE public exploit +DeviceTvmSoftwareInventoryVulnerabilities +| join kind=inner(DeviceTvmSoftwareVulnerabilitiesKB) on CveId | where IsExploitAvailable == 1 and CvssScore >= 7 -| summarize NumOfVulnerabilities=dcount(CveId), -DeviceName=any(DeviceName) by DeviceId +| summarize NumOfVulnerabilities=dcount(CveId), +DeviceName=any(DeviceName) by DeviceId | join kind =inner(DeviceAlertEvents) on DeviceId -| summarize NumOfVulnerabilities=any(NumOfVulnerabilities), -DeviceName=any(DeviceName) by DeviceId, AlertId +| summarize NumOfVulnerabilities=any(NumOfVulnerabilities), +DeviceName=any(DeviceName) by DeviceId, AlertId | project DeviceName, NumOfVulnerabilities, AlertId -| order by NumOfVulnerabilities desc +| order by NumOfVulnerabilities desc ``` -## Conduct an inventory of software or software versions which have reached their end-of-life -End-of-life for software or software versions means that they will no longer be supported nor serviced. When you use software or software versions which have reached their end-of-life, you're exposing your organization to security vulnerabilities, legal, and financial risks. +## Conduct an inventory of software or software versions which have reached end-of-support (EOS) -It is crucial for you as Security and IT Administrators to work together and ensure that your organization's software inventory is configured for optimal results, compliance, and a healthy network ecosystem. +End-of-support (otherwise known as end-of-life) for software or software versions means that they will no longer be supported or serviced. When you use software or software versions which have reached end-of-support, you're exposing your organization to security vulnerabilities, legal, and financial risks. + +It is crucial for Security and IT Administrators to work together and ensure that the organization's software inventory is configured for optimal results, compliance, and a healthy network ecosystem. + +To conduct an inventory of software or software versions which have reached end-of-support: -To conduct an inventory of software or software versions which have reached their end of life: 1. From the Threat & Vulnerability Management menu, navigate to **Security recommendations**. -2. Go to the **Filters** panel and select **Software uninstall** from **Remediation Type** options if you want to see the list of software recommendations associated with software which have reached their end-of-life (tagged as **EOL software**). Select **Software update** from **Remediation Type** options if you want to see the list of software recommendations associated with software and software versions which have reached their end-of-life (tagged as **EOL versions installed**). -3. Select a software that you'd like to investigate. A fly-out screen opens where you can select **Open software page**. -![Screenshot of Security recommendation for a software that reached its end of life page](images/secrec_flyout.png) +2. Go to the **Filters** panel and select **Software uninstall** from **Remediation Type** options to see the list of software recommendations associated with software which have reached end of support (tagged as **EOS software**). +3. Select **Software update** from **Remediation Type** options to see the list of software recommendations associated with software and software versions which have reached end-of-support (tagged as **EOS versions installed**). +4. Select software that you'd like to investigate. A fly-out screen opens where you can select **Open software page**. +![Screenshot of Security recommendation for a software that reached its end of life page](images/secrec_flyout.png) -4. In the **Software page** select the **Version distribution** tab to know which versions of the software have reached their end-of-life, and how many vulnerabilities were discovered in it. -![Screenshot of software details for a software that reached its end of life](images/secrec_sw_details.png) - -After you have identified which software and software versions are vulnerable due to its end-of-life status, remediate them to lower your organizations exposure to vulnerabilities and advanced persistent threats. See [Remediation and exception](tvm-remediation.md) for details. +5. In the **Software page** select the **Version distribution** tab to know which versions of the software have reached their end-of-support, and how many vulnerabilities were discovered in it. +![Screenshot of software details for a software that reached its end of support](images/secrec_sw_details.png) +After you have identified which software and software versions are vulnerable due to its end-of-support status, remediate them to lower your organizations exposure to vulnerabilities and advanced persistent threats. See [Remediation and exception](tvm-remediation.md) for details. ## Related topics + - [Supported operating systems and platforms](tvm-supported-os.md) - [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) - [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) From db7ef223308af1bfaad5ee75dbdd2d0265335004 Mon Sep 17 00:00:00 2001 From: Kelly Baker Date: Tue, 25 Feb 2020 17:37:34 -0800 Subject: [PATCH 07/49] Update exposed-apis-create-app-webapp.md @mjcaparas Edit is complete. Please review to ensure I didn't change the technical meaning anywhere. I feel as though this article could use another iteration after edits are addressed as there are still some areas that are unclear, but I leave that up to you. Let me know if you have any questions! Kelly --- .../exposed-apis-create-app-webapp.md | 132 ++++++++---------- 1 file changed, 58 insertions(+), 74 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md index f69367a074..4931774a11 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md @@ -1,5 +1,5 @@ --- -title: Create an Application to access Microsoft Defender ATP without a user +title: Create an app to access Microsoft Defender ATP without a user ms.reviewer: description: Learn how to design a web app to get programmatic access to Microsoft Defender ATP without a user. keywords: apis, graph api, supported apis, actor, alerts, machine, user, domain, ip, file, advanced hunting, query @@ -23,104 +23,88 @@ ms.topic: article - Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) -This page describes how to create an application to get programmatic access to Microsoft Defender ATP without a user. - -If you need programmatic access Microsoft Defender ATP on behalf of a user, see [Get access with user context](exposed-apis-create-app-nativeapp.md) - -If you are not sure which access you need, see [Get started](apis-intro.md). +This page describes how to create an application to get programmatic access to Microsoft Defender ATP without a user. If you need programmatic access to Microsoft Defender ATP on behalf of a user, see [Get access with user context](exposed-apis-create-app-nativeapp.md). If you are not sure which access you need, see [Get started](apis-intro.md). Microsoft Defender ATP exposes much of its data and actions through a set of programmatic APIs. Those APIs will help you automate work flows and innovate based on Microsoft Defender ATP capabilities. The API access requires OAuth2.0 authentication. For more information, see [OAuth 2.0 Authorization Code Flow](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-code). In general, you’ll need to take the following steps to use the APIs: -- Create an AAD application -- Get an access token using this application -- Use the token to access Microsoft Defender ATP API +- Create an Azure Active Directory (Azure AD) application. +- Get an access token using this application. +- Use the token to access Microsoft Defender ATP API. -This page explains how to create an AAD application, get an access token to Microsoft Defender ATP and validate the token. +This article explains how to create an Azure AD application, get an access token to Microsoft Defender ATP, and validate the token. ## Create an app -1. Log on to [Azure](https://portal.azure.com) with user that has **Global Administrator** role. +1. Log on to [Azure](https://portal.azure.com) with a user that has the **Global Administrator** role. 2. Navigate to **Azure Active Directory** > **App registrations** > **New registration**. ![Image of Microsoft Azure and navigation to application registration](images/atp-azure-new-app2.png) -3. In the registration form, choose a name for your application and then click **Register**. +3. In the registration form, choose a name for your application, and then select **Register**. -4. Allow your Application to access Microsoft Defender ATP and assign it **'Read all alerts'** permission: +4. To enable your app to access Microsoft Defender ATP and assign it **'Read all alerts'** permission, on your application page, select **API Permissions** > **Add permission** > **APIs my organization uses** >, type **WindowsDefenderATP**, and then select **WindowsDefenderATP**. - - On your application page, click **API Permissions** > **Add permission** > **APIs my organization uses** > type **WindowsDefenderATP** and click on **WindowsDefenderATP**. - - - **Note**: WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. + > [!NOTE] + > WindowsDefenderATP does not appear in the original list. You need to start writing its name in the text box to see it appear. ![Image of API access and API selection](images/add-permission.png) - - Choose **Application permissions** > **Alert.Read.All** > Click on **Add permissions** + - Select **Application permissions** > **Alert.Read.All**, and then select **Add permissions**. ![Image of API access and API selection](images/application-permissions.png) - **Important note**: You need to select the relevant permissions. 'Read All Alerts' is only an example! + Please note that you need to select the relevant permissions. 'Read All Alerts' is only an example. For instance: - For instance, - - - To [run advanced queries](run-advanced-query-api.md), select 'Run advanced queries' permission - - To [isolate a machine](isolate-machine.md), select 'Isolate machine' permission + - To [run advanced queries](run-advanced-query-api.md), select the 'Run advanced queries' permission. + - To [isolate a machine](isolate-machine.md), select the 'Isolate machine' permission. - To determine which permission you need, please look at the **Permissions** section in the API you are interested to call. -5. Click **Grant consent** +5. Select **Grant consent**. - - **Note**: Every time you add permission you must click on **Grant consent** for the new permission to take effect. + > [!NOTE] + > Every time you add a permission, you must select **Grant consent** for the new permission to take effect. - ![Image of Grant permissions](images/grant-consent.png) + ![Image of Grant permissions](images/grant-consent.png) -6. Add a secret to the application. +6. To add a secret to the application, select **Certificates & secrets**, add a description to the secret, and then select **Add**. - - Click **Certificates & secrets**, add description to the secret and click **Add**. - - **Important**: After click Add, **copy the generated secret value**. You won't be able to retrieve after you leave! + > [!NOTE] + > After you select **Add**, select **copy the generated secret value**. You won't be able to retrieve this value after you leave. ![Image of create app key](images/webapp-create-key2.png) -7. Write down your application ID and your tenant ID: - - - On your application page, go to **Overview** and copy the following: +7. Write down your application ID and your tenant ID. On your application page, go to **Overview** and copy the following. ![Image of created app id](images/app-and-tenant-ids.png) -8. **For Microsoft Defender ATP Partners only** - Set your application to be multi-tenanted (available in all tenants after consent) +8. **For Microsoft Defender ATP Partners only**. Set your app to be multi-tenanted (available in all tenants after consent). This is **required** for third-party apps (for example, if you create an app that is intended to run in multiple customers' tenant). This is **not required** if you create a service that you want to run in your tenant only (for example, if you create an application for your own usage that will only interact with your own data). To set your app to be multi-tenanted: - This is **required** for 3rd party applications (for example, if you create an application that is intended to run in multiple customers tenant). + - Go to **Authentication**, and add https://portal.azure.com as the **Redirect URI**. - This is **not required** if you create a service that you want to run in your tenant only (i.e. if you create an application for your own usage that will only interact with your own data) + - On the bottom of the page, under **Supported account types**, select the **Accounts in any organizational directory** application consent for your multi-tenant app. - - Go to **Authentication** > Add https://portal.azure.com as **Redirect URI**. + You need your application to be approved in each tenant where you intend to use it. This is because your application interacts Microsoft Defender ATP on behalf of your customer. - - On the bottom of the page, under **Supported account types**, mark **Accounts in any organizational directory** + You (or your customer if you are writing a third-party app) need to select the consent link and approve your app. The consent should be done with a user who has administrative privileges in Active Directory. - - Application consent for your multi-tenant Application: - - You need your application to be approved in each tenant where you intend to use it. This is because your application interacts with Microsoft Defender ATP application on behalf of your customer. - - You (or your customer if you are writing a 3rd party application) need to click the consent link and approve your application. The consent should be done with a user who has admin privileges in the active directory. - - Consent link is of the form: + The consent link is formed as follows: ``` https://login.microsoftonline.com/common/oauth2/authorize?prompt=consent&client_id=00000000-0000-0000-0000-000000000000&response_type=code&sso_reload=true ``` - where 00000000-0000-0000-0000-000000000000 should be replaced with your Application ID + Where 00000000-0000-0000-0000-000000000000 is replaced with your application ID. -- **Done!** You have successfully registered an application! -- See examples below for token acquisition and validation. +**Done!** You have successfully registered an application! See examples below for token acquisition and validation. -## Get an access token examples: +## Get an access token -For more details on AAD token, refer to [AAD tutorial](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds) +For more details on Azure AD tokens, see the [Azure AD tutorial](https://docs.microsoft.com/azure/active-directory/develop/active-directory-v2-protocols-oauth-client-creds). -### Using PowerShell +### Use PowerShell ``` # That code gets the App Context Token and save it to a file named "Latest-token.txt" under the current directory @@ -144,19 +128,19 @@ Out-File -FilePath "./Latest-token.txt" -InputObject $token return $token ``` -### Using C#: +### Use C#: ->The below code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8 +The following code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveDirectory 3.19.8. -- Create a new Console Application -- Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/) -- Add the below using +1. Create a new console application. +1. Install Nuget [Microsoft.IdentityModel.Clients.ActiveDirectory](https://www.nuget.org/packages/Microsoft.IdentityModel.Clients.ActiveDirectory/). +1. Add the following: ``` using Microsoft.IdentityModel.Clients.ActiveDirectory; ``` -- Copy/Paste the below code in your application (do not forget to update the 3 variables: ```tenantId, appId, appSecret```) +1. Copy and paste the f ollowing code in your app (don't forget to update the three variables: ```tenantId, appId, appSecret```): ``` string tenantId = "00000000-0000-0000-0000-000000000000"; // Paste your own tenant ID here @@ -173,26 +157,25 @@ return $token ``` -### Using Python +### Use Python -Refer to [Get token using Python](run-advanced-query-sample-python.md#get-token) +See [Get token using Python](run-advanced-query-sample-python.md#get-token). -### Using Curl +### Use Curl > [!NOTE] -> The below procedure supposed Curl for Windows is already installed on your computer +> The following procedure assumes that Curl for Windows is already installed on your computer. -- Open a command window -- Set CLIENT_ID to your Azure application ID -- Set CLIENT_SECRET to your Azure application secret -- Set TENANT_ID to the Azure tenant ID of the customer that wants to use your application to access Microsoft Defender ATP application -- Run the below command: +1. Open a command prompt, and set CLIENT_ID to your Azure application ID. +1. Set CLIENT_SECRET to your Azure application secret. +1. Set TENANT_ID to the Azure tenant ID of the customer that wants to use your app to access Microsoft Defender ATP. +1. Run the following command: ``` curl -i -X POST -H "Content-Type:application/x-www-form-urlencoded" -d "grant_type=client_credentials" -d "client_id=%CLIENT_ID%" -d "scope=https://securitycenter.onmicrosoft.com/windowsatpservice/.default" -d "client_secret=%CLIENT_SECRET%" "https://login.microsoftonline.com/%TENANT_ID%/oauth2/v2.0/token" -k ``` -You will get an answer of the form: +You will get an answer in the following form: ``` {"token_type":"Bearer","expires_in":3599,"ext_expires_in":0,"access_token":"eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsIn aWReH7P0s0tjTBX8wGWqJUdDA"} @@ -200,20 +183,21 @@ You will get an answer of the form: ## Validate the token -Sanity check to make sure you got a correct token: -- Copy/paste into [JWT](https://jwt.ms) the token you get in the previous step in order to decode it -- Validate you get a 'roles' claim with the desired permissions -- In the screen shot below you can see a decoded token acquired from an Application with permissions to all of Microsoft Defender ATP's roles: +Ensure that you got the correct token: + +1. Copy and paste the token you got in the previous step into [JWT](https://jwt.ms) in order to decode it. +1. Validate that you get a 'roles' claim with the desired permissions +1. In the following image, you can see a decoded token acquired from an app with permissions to all of Microsoft Defender ATP's roles: ![Image of token validation](images/webapp-decoded-token.png) ## Use the token to access Microsoft Defender ATP API -- Choose the API you want to use, for more information, see [Supported Microsoft Defender ATP APIs](exposed-apis-list.md) -- Set the Authorization header in the Http request you send to "Bearer {token}" (Bearer is the Authorization scheme) -- The Expiration time of the token is 1 hour (you can send more then one request with the same token) +1. Choose the API you want to use. For more information, see [Supported Microsoft Defender ATP APIs](exposed-apis-list.md). +1. Set the authorization header in the http request you send to "Bearer {token}" (Bearer is the authorization scheme). +1. The expiration time of the token is one hour. You can send more then one request with the same token. -- Example of sending a request to get a list of alerts **using C#** +The following is an example of sending a request to get a list of alerts **using C#**: ``` var httpClient = new HttpClient(); From e1d4ef4a44f20db9f99b55bbb363a09d7fa619ff Mon Sep 17 00:00:00 2001 From: Kelly Baker Date: Tue, 25 Feb 2020 17:44:02 -0800 Subject: [PATCH 08/49] Update exposed-apis-create-app-webapp.md --- .../microsoft-defender-atp/exposed-apis-create-app-webapp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md index 4931774a11..259fc161ce 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md @@ -140,7 +140,7 @@ The following code was tested with Nuget Microsoft.IdentityModel.Clients.ActiveD using Microsoft.IdentityModel.Clients.ActiveDirectory; ``` -1. Copy and paste the f ollowing code in your app (don't forget to update the three variables: ```tenantId, appId, appSecret```): +1. Copy and paste the following code in your app (don't forget to update the three variables: ```tenantId, appId, appSecret```): ``` string tenantId = "00000000-0000-0000-0000-000000000000"; // Paste your own tenant ID here From f327f74a107edf12564ddab125df9fad1113677d Mon Sep 17 00:00:00 2001 From: VLG17 <41186174+VLG17@users.noreply.github.com> Date: Wed, 26 Feb 2020 14:51:57 +0200 Subject: [PATCH 09/49] add note about signup process URL https://github.com/MicrosoftDocs/windows-itpro-docs/issues/5947 --- .../microsoft-defender-atp/web-content-filtering.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md index aa2f21d63e..e64f5c502c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md +++ b/windows/security/threat-protection/microsoft-defender-atp/web-content-filtering.md @@ -81,7 +81,10 @@ Learn more at https://www.cyren.com/products/url-filtering. ### Signing up for a Cyren License -Cyren is offering a 60-day free trial for all Microsoft Defender ATP customers. To sign up, please follow the steps below from the portal. +Cyren is offering a 60-day free trial for all Microsoft Defender ATP customers. To sign up, please follow the steps below from the portal. + +>[!NOTE] +>Make sure to add the URL you get redirected to by the signup process to the list of approved domains. >[!NOTE] >A user with AAD app admin/global admin permissions is required to complete these steps. From d08abe83578269b31790d74c93ad7bcb09194593 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 14:26:00 -0800 Subject: [PATCH 10/49] Create office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 54 +++++++++++++++++++ 1 file changed, 54 insertions(+) create mode 100644 windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md new file mode 100644 index 0000000000..715154f533 --- /dev/null +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -0,0 +1,54 @@ +--- +title: Office 365 together with Windows Defender Antivirus +description: Office 365, which includes OneDrive, goes together wonderfully with Windows Defender Antivirus. Read this article to learn more. +keywords: windows defender, antivirus, office 365, onedrive +search.product: eADQiWindows 10XVcnh +ms.pagetype: security +ms.prod: w10 +ms.mktglfcycl: manage +ms.sitesec: library +ms.pagetype: security +ms.localizationpriority: medium +audience: ITPro +ms.topic: article +author: denisebmsft +ms.author: deniseb +ms.custom: nextgen +ms.date: 02/26/2020 +ms.reviewer: +manager: dansimp +--- + +# Office 365 together with Windows Defender Antivirus + +**Applies to:** + +- Windows Defender Antivirus + +Windows Defender Antivirus + +Keep your PC safe with trusted antivirus protection built-in to Windows 10. Windows Defender Antivirus delivers comprehensive, ongoing and real-time protection against software threats like viruses, malware and spyware across email, apps, the cloud and the web. + +Complete, built-in and ongoing protection. Standard, nothing to buy. There's nothing to install. No configuration, no subscriptions, and no nagware. + +OneDrive + +Work together. Collaborate with people for work or fun. Share your files and folders easily with OneDrive or OneDrive for Business. + +Office 365 + +Achieve more with Office 365. Get premium email and calendars, Office apps, 1 TB of cloud storage, and advanced security across all your devices. + + + +## Learn more + +[Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) + +[Threat & Vulnerability Management](../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md) + + + + + + From 94aaa0585c3b67ffd62cfaf48877530df2023872 Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Wed, 26 Feb 2020 14:41:02 -0800 Subject: [PATCH 11/49] Update policy-csp-restrictedgroups.md Changed the example --- windows/client-management/mdm/policy-csp-restrictedgroups.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-restrictedgroups.md b/windows/client-management/mdm/policy-csp-restrictedgroups.md index adff5f8a8b..4437dab843 100644 --- a/windows/client-management/mdm/policy-csp-restrictedgroups.md +++ b/windows/client-management/mdm/policy-csp-restrictedgroups.md @@ -127,12 +127,11 @@ Here is an example: - + - - + ``` From 0e3b72e003913783653c1468abb1d539af2b15a6 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 14:54:36 -0800 Subject: [PATCH 12/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 31 +++++++++++++------ 1 file changed, 21 insertions(+), 10 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 715154f533..56cd5ce065 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -25,28 +25,39 @@ manager: dansimp - Windows Defender Antivirus -Windows Defender Antivirus +## Windows Defender Antivirus together with Office 365 -Keep your PC safe with trusted antivirus protection built-in to Windows 10. Windows Defender Antivirus delivers comprehensive, ongoing and real-time protection against software threats like viruses, malware and spyware across email, apps, the cloud and the web. +You might already know that: -Complete, built-in and ongoing protection. Standard, nothing to buy. There's nothing to install. No configuration, no subscriptions, and no nagware. +- Windows Defender Antivirus protects your Windows 10 device from software threats, such as viruses, malware, and spyware. Windows Defender Antivirus is your complete, ongoing protection, built into Windows 10 and ready to go. -OneDrive +- Office 365 includes antiphishing, antispam, and antimalware protection. With your Office 365 subscription, you get premium email and calendars, Office apps, 1 TB of cloud storage (via OneDrive), and advanced security across all your devices. -Work together. Collaborate with people for work or fun. Share your files and folders easily with OneDrive or OneDrive for Business. +- OneDrive, included in Office 365, enables you to share your files and folders as you see fit. You can work together with people (for work or fun), and coauthor files that are stored in OneDrive. -Office 365 +But did you know there's at least one very good security reason to use OneDrive together with Windows Defender Antivirus? It's ransomware protection! -Achieve more with Office 365. Get premium email and calendars, Office apps, 1 TB of cloud storage, and advanced security across all your devices. +When you save your files to OneDrive, and Windows Defender Antivirus detects a ransomware threat on your device, the following things occur: +1. Windows Defender notifies you of the threat. (If your organization is using Microsoft Defender Advanced Threat Protection, your security operations team is notified, too.) +2. Windows Defender Antivirus helps you (and your organization's security team) remove the ransomware. + +3. You get the option to use OneDrive Files Restore. This enables you to recover your files in OneDrive to the state they were in before the ransomware attack occurred. + +Think of the time and hassle this can save! + +## More good reasons to use OneDrive + +The following video gives more good reasons to put your files in OneDrive. Take a look! + +> [!VIDEO https://www.microsoft.com/videoplayer/embed/70b4d256-46fb-481f-ad9b-921ef5fd7bed] ## Learn more -[Microsoft Defender Advanced Threat Protection](../microsoft-defender-atp/microsoft-defender-advanced-threat-protection.md) - -[Threat & Vulnerability Management](../microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md) +[Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection) +[Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp) From 230649af5e3ca930f72734d54c7f7aa36c1d85ae Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 15:07:38 -0800 Subject: [PATCH 13/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 18 ++++++++++-------- 1 file changed, 10 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 56cd5ce065..29187fc9a2 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -29,31 +29,33 @@ manager: dansimp You might already know that: -- Windows Defender Antivirus protects your Windows 10 device from software threats, such as viruses, malware, and spyware. Windows Defender Antivirus is your complete, ongoing protection, built into Windows 10 and ready to go. +- **Windows Defender Antivirus protects your Windows 10 device from software threats, such as viruses, malware, and spyware**. Windows Defender Antivirus is your complete, ongoing protection, built into Windows 10 and ready to go. -- Office 365 includes antiphishing, antispam, and antimalware protection. With your Office 365 subscription, you get premium email and calendars, Office apps, 1 TB of cloud storage (via OneDrive), and advanced security across all your devices. +- **Office 365 includes antiphishing, antispam, and antimalware protection**. With your Office 365 subscription, you get premium email and calendars, Office apps, 1 TB of cloud storage (via OneDrive), and advanced security across all your devices. This is true for home and business users. And if you're a business user, and your organization is using Office 365 E5, you get even more protection through Office 365 Advanced Threat Protection. -- OneDrive, included in Office 365, enables you to share your files and folders as you see fit. You can work together with people (for work or fun), and coauthor files that are stored in OneDrive. +- **OneDrive, included in Office 365, enables you to store your files and folders online, and share them as you see fit**. You can work together with people (for work or fun), and coauthor files that are stored in OneDrive. You can also access your files across all your devices (your PC, phone, and tablet). -But did you know there's at least one very good security reason to use OneDrive together with Windows Defender Antivirus? It's ransomware protection! +**But did you know there's at least one very good security reason to use OneDrive together with Windows Defender Antivirus**? It's ransomware protection! When you save your files to OneDrive, and Windows Defender Antivirus detects a ransomware threat on your device, the following things occur: 1. Windows Defender notifies you of the threat. (If your organization is using Microsoft Defender Advanced Threat Protection, your security operations team is notified, too.) -2. Windows Defender Antivirus helps you (and your organization's security team) remove the ransomware. +2. Windows Defender Antivirus helps you (and your organization's security team) remove the ransomware from your device. -3. You get the option to use OneDrive Files Restore. This enables you to recover your files in OneDrive to the state they were in before the ransomware attack occurred. +3. You get the option to use the OneDrive Files Restore feature. This enables you to recover your files in OneDrive to the state they were in before the ransomware attack occurred. Think of the time and hassle this can save! ## More good reasons to use OneDrive -The following video gives more good reasons to put your files in OneDrive. Take a look! +Protection from ransomware is one great reason to put your files in OneDrive. There are more! Take a look at the following video:

> [!VIDEO https://www.microsoft.com/videoplayer/embed/70b4d256-46fb-481f-ad9b-921ef5fd7bed] -## Learn more +## Want to learn more? + + [Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection) From cc0c4036212237b53fb477bebafe5b25781909f9 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 15:16:47 -0800 Subject: [PATCH 14/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 29187fc9a2..1047adf8eb 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -29,11 +29,11 @@ manager: dansimp You might already know that: -- **Windows Defender Antivirus protects your Windows 10 device from software threats, such as viruses, malware, and spyware**. Windows Defender Antivirus is your complete, ongoing protection, built into Windows 10 and ready to go. +- **Windows Defender Antivirus protects your Windows 10 device from software threats, such as viruses, malware, and spyware**. Windows Defender Antivirus is your complete, ongoing protection, built into Windows 10 and ready to go. [Windows Defender Antivirus is your next-generation protection](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10). -- **Office 365 includes antiphishing, antispam, and antimalware protection**. With your Office 365 subscription, you get premium email and calendars, Office apps, 1 TB of cloud storage (via OneDrive), and advanced security across all your devices. This is true for home and business users. And if you're a business user, and your organization is using Office 365 E5, you get even more protection through Office 365 Advanced Threat Protection. +- **Office 365 includes antiphishing, antispam, and antimalware protection**. With your Office 365 subscription, you get premium email and calendars, Office apps, 1 TB of cloud storage (via OneDrive), and advanced security across all your devices. This is true for home and business users. And if you're a business user, and your organization is using Office 365 E5, you get even more protection through Office 365 Advanced Threat Protection. [Protect against threats with Office 365](https://docs.microsoft.com/microsoft-365/security/office-365-security/protect-against-threats). -- **OneDrive, included in Office 365, enables you to store your files and folders online, and share them as you see fit**. You can work together with people (for work or fun), and coauthor files that are stored in OneDrive. You can also access your files across all your devices (your PC, phone, and tablet). +- **OneDrive, included in Office 365, enables you to store your files and folders online, and share them as you see fit**. You can work together with people (for work or fun), and coauthor files that are stored in OneDrive. You can also access your files across all your devices (your PC, phone, and tablet). [Manage sharing in OneDrive](https://docs.microsoft.com/OneDrive/manage-sharing). **But did you know there's at least one very good security reason to use OneDrive together with Windows Defender Antivirus**? It's ransomware protection! @@ -49,18 +49,18 @@ Think of the time and hassle this can save! ## More good reasons to use OneDrive -Protection from ransomware is one great reason to put your files in OneDrive. There are more! Take a look at the following video:

+Protection from ransomware is one great reason to put your files in OneDrive. And there are several more good reasons. Take a look at the following video:

> [!VIDEO https://www.microsoft.com/videoplayer/embed/70b4d256-46fb-481f-ad9b-921ef5fd7bed] ## Want to learn more? - - -[Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection) +[OneDrive](https://docs.microsoft.com/onedrive) [Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp) +[Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection) + From 0f89a1305bffb0e7b7ba7e3765ebdfc219f78adc Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 15:18:01 -0800 Subject: [PATCH 15/49] Update TOC.md --- windows/security/threat-protection/TOC.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index f42d965bea..5ef7b77e8b 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -46,6 +46,7 @@ ### [Next-generation protection](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) #### [Better together: Windows Defender Antivirus and Microsoft Defender ATP](windows-defender-antivirus/why-use-microsoft-antivirus.md) +#### [Office 365 together with Windows Defender Antivirus](windows-defender-antivirus/office-365-windows-defender-antivirus.md) ### [Endpoint detection and response]() #### [Endpoint detection and response overview](microsoft-defender-atp/overview-endpoint-detection-response.md) From 954abac64fe2640c169b340c165fc842dcf3cead Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 15:33:12 -0800 Subject: [PATCH 16/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 20 ++++++++++++++++++- 1 file changed, 19 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 1047adf8eb..06990ab414 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -35,7 +35,9 @@ You might already know that: - **OneDrive, included in Office 365, enables you to store your files and folders online, and share them as you see fit**. You can work together with people (for work or fun), and coauthor files that are stored in OneDrive. You can also access your files across all your devices (your PC, phone, and tablet). [Manage sharing in OneDrive](https://docs.microsoft.com/OneDrive/manage-sharing). -**But did you know there's at least one very good security reason to use OneDrive together with Windows Defender Antivirus**? It's ransomware protection! +## Ransomware protection and recovery + +Did you know there's at least one very good security reason to use OneDrive together with Windows Defender Antivirus? It's ransomware protection! When you save your files to OneDrive, and Windows Defender Antivirus detects a ransomware threat on your device, the following things occur: @@ -47,6 +49,22 @@ When you save your files to OneDrive, and Windows Defender Antivirus detects a r Think of the time and hassle this can save! +## Integration means better protection + +Did you know that Office 365 Advanced Threat Protection integrated with Microsoft Defender Advanced Threat Protection means better protection? Here's how: + +- [Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp) safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. + + AND + +- [Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection) protects your devices from cyber threats, detects advanced attacks and data breaches, automates security incidents, and improves your security posture. + + SO + +- Once integration is enabled, your security operations team can see a list of devices that are used by the recipients of any detected URLs or email messages, along with recent alerts for those devices, Microsoft Defender Advanced Threat Protection. + +Want to learn more? See [Integrate Office 365 Advanced Threat Protection with Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/integrate-office-365-ti-with-wdatp). + ## More good reasons to use OneDrive Protection from ransomware is one great reason to put your files in OneDrive. And there are several more good reasons. Take a look at the following video:

From 486dabd4d4a36fe9e47ffbbc3182da3f32264471 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 15:37:49 -0800 Subject: [PATCH 17/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 15 +++------------ 1 file changed, 3 insertions(+), 12 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 06990ab414..28823fe081 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -37,7 +37,7 @@ You might already know that: ## Ransomware protection and recovery -Did you know there's at least one very good security reason to use OneDrive together with Windows Defender Antivirus? It's ransomware protection! +Did you know there's at least one very good security reason to use [OneDrive](https://docs.microsoft.com/onedrive) together with [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)? It's ransomware protection! When you save your files to OneDrive, and Windows Defender Antivirus detects a ransomware threat on your device, the following things occur: @@ -45,9 +45,9 @@ When you save your files to OneDrive, and Windows Defender Antivirus detects a r 2. Windows Defender Antivirus helps you (and your organization's security team) remove the ransomware from your device. -3. You get the option to use the OneDrive Files Restore feature. This enables you to recover your files in OneDrive to the state they were in before the ransomware attack occurred. +3. You get the option to use the OneDrive Files Restore feature. This enables you to recover your files in OneDrive to the state they were in before the ransomware attack occurred. See [Ransomware detection and recovering your files](https://support.office.com/article/0d90ec50-6bfd-40f4-acc7-b8c12c73637f). -Think of the time and hassle this can save! +Think of the time and hassle this can save! ## Integration means better protection @@ -71,15 +71,6 @@ Protection from ransomware is one great reason to put your files in OneDrive. An > [!VIDEO https://www.microsoft.com/videoplayer/embed/70b4d256-46fb-481f-ad9b-921ef5fd7bed] -## Want to learn more? - -[OneDrive](https://docs.microsoft.com/onedrive) - -[Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp) - -[Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection) - - From 86ba38673acb3cb72c877aa155dc6cf7fc3ba698 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 15:43:55 -0800 Subject: [PATCH 18/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 28823fe081..d31b0c5db4 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -71,6 +71,12 @@ Protection from ransomware is one great reason to put your files in OneDrive. An > [!VIDEO https://www.microsoft.com/videoplayer/embed/70b4d256-46fb-481f-ad9b-921ef5fd7bed] - +## Want to learn more? + +[OneDrive](https://docs.microsoft.com/onedrive) + +[Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp?view=o365-worldwide) + +[Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/windows/security/threat-protection/) From f55d1e8bee376eeefb90f2b7be0122c44df0dfbb Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 26 Feb 2020 15:44:35 -0800 Subject: [PATCH 19/49] br --- .../microsoft-defender-atp/microsoft-defender-atp-linux.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index 333d426aa0..65d1089824 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -25,6 +25,7 @@ This topic describes how to install, configure, update, and use Microsoft Defend > [!CAUTION] > Running other third-party endpoint protection products alongside Microsoft Defender ATP for Linux is likely to cause performance problems and unpredictable system errors. +

> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4q3yP] From 026035f987a308b618643b3649c6f9569aeecfbd Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 15:45:38 -0800 Subject: [PATCH 20/49] Update TOC.md --- windows/security/threat-protection/TOC.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 5ef7b77e8b..d944293aad 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -46,7 +46,7 @@ ### [Next-generation protection](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) #### [Better together: Windows Defender Antivirus and Microsoft Defender ATP](windows-defender-antivirus/why-use-microsoft-antivirus.md) -#### [Office 365 together with Windows Defender Antivirus](windows-defender-antivirus/office-365-windows-defender-antivirus.md) +#### [Better together: Office 365 and Windows Defender Antivirus](windows-defender-antivirus/office-365-windows-defender-antivirus.md) ### [Endpoint detection and response]() #### [Endpoint detection and response overview](microsoft-defender-atp/overview-endpoint-detection-response.md) From 5ed5fadbe7b91cad859ad926eba67bae13aa4e73 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 15:47:41 -0800 Subject: [PATCH 21/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index d31b0c5db4..3458bf6d6b 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -37,9 +37,7 @@ You might already know that: ## Ransomware protection and recovery -Did you know there's at least one very good security reason to use [OneDrive](https://docs.microsoft.com/onedrive) together with [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)? It's ransomware protection! - -When you save your files to OneDrive, and Windows Defender Antivirus detects a ransomware threat on your device, the following things occur: +Did you know there's at least one very good security reason to use [OneDrive](https://docs.microsoft.com/onedrive) together with [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)? It's ransomware protection! When you save your files to OneDrive, and Windows Defender Antivirus detects a ransomware threat on your device, the following things occur: 1. Windows Defender notifies you of the threat. (If your organization is using Microsoft Defender Advanced Threat Protection, your security operations team is notified, too.) From b8a3cd4c121e9eacae66aa55c62b9e1031e05b98 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 15:49:03 -0800 Subject: [PATCH 22/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 3458bf6d6b..c8ddcbfd1e 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -39,7 +39,7 @@ You might already know that: Did you know there's at least one very good security reason to use [OneDrive](https://docs.microsoft.com/onedrive) together with [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)? It's ransomware protection! When you save your files to OneDrive, and Windows Defender Antivirus detects a ransomware threat on your device, the following things occur: -1. Windows Defender notifies you of the threat. (If your organization is using Microsoft Defender Advanced Threat Protection, your security operations team is notified, too.) +1. You are told about the threat. (If your organization is using Microsoft Defender Advanced Threat Protection, your security operations team is notified, too.) 2. Windows Defender Antivirus helps you (and your organization's security team) remove the ransomware from your device. From 00d33c8bff4c05eeda63d5c50b238df8ad31e89e Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 15:50:07 -0800 Subject: [PATCH 23/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index c8ddcbfd1e..2d7c7fb47f 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -24,8 +24,7 @@ manager: dansimp **Applies to:** - Windows Defender Antivirus - -## Windows Defender Antivirus together with Office 365 +- Office 365 You might already know that: From f04a0c8968d369b88ccd77932c7b352f1dd20ab1 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 26 Feb 2020 15:54:31 -0800 Subject: [PATCH 24/49] br --- .../microsoft-defender-atp-linux.md | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index 65d1089824..5c50594f5d 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -22,12 +22,16 @@ ms.topic: conceptual This topic describes how to install, configure, update, and use Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Linux. +> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4q3yP] + + + > [!CAUTION] > Running other third-party endpoint protection products alongside Microsoft Defender ATP for Linux is likely to cause performance problems and unpredictable system errors. -

-> [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4q3yP] + + ## How to install Microsoft Defender ATP for Linux From 3074c71e747770fa2bfb1376d733c778efc55e61 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 26 Feb 2020 15:55:29 -0800 Subject: [PATCH 25/49] p --- .../microsoft-defender-atp/microsoft-defender-atp-linux.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md index 5c50594f5d..705752aeb3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-linux.md @@ -24,7 +24,7 @@ This topic describes how to install, configure, update, and use Microsoft Defend > [!VIDEO https://www.microsoft.com/en-us/videoplayer/embed/RE4q3yP] - +

> [!CAUTION] > Running other third-party endpoint protection products alongside Microsoft Defender ATP for Linux is likely to cause performance problems and unpredictable system errors. From 5829c9a2f2051542b92116ea2d606c991d382476 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 16:00:37 -0800 Subject: [PATCH 26/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 2d7c7fb47f..4616bae011 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -38,11 +38,11 @@ You might already know that: Did you know there's at least one very good security reason to use [OneDrive](https://docs.microsoft.com/onedrive) together with [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)? It's ransomware protection! When you save your files to OneDrive, and Windows Defender Antivirus detects a ransomware threat on your device, the following things occur: -1. You are told about the threat. (If your organization is using Microsoft Defender Advanced Threat Protection, your security operations team is notified, too.) +1. **You are told about the threat**. (If your organization is using Microsoft Defender Advanced Threat Protection, your security operations team is notified, too.) -2. Windows Defender Antivirus helps you (and your organization's security team) remove the ransomware from your device. +2. **Windows Defender Antivirus helps you (and your organization's security team) remove the ransomware** from your device(s). -3. You get the option to use the OneDrive Files Restore feature. This enables you to recover your files in OneDrive to the state they were in before the ransomware attack occurred. See [Ransomware detection and recovering your files](https://support.office.com/article/0d90ec50-6bfd-40f4-acc7-b8c12c73637f). +3. **You get the option to recover your files in OneDrive**. With the OneDrive Files Restore feature, you can recover your files in OneDrive to the state they were in before the ransomware attack occurred. See [Ransomware detection and recovering your files](https://support.office.com/article/0d90ec50-6bfd-40f4-acc7-b8c12c73637f). Think of the time and hassle this can save! From d55ef2d5acc52ca3113d325588b6acbfc624d5ab Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 16:04:02 -0800 Subject: [PATCH 27/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 4616bae011..c62f60f02f 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -64,7 +64,7 @@ Want to learn more? See [Integrate Office 365 Advanced Threat Protection with Mi ## More good reasons to use OneDrive -Protection from ransomware is one great reason to put your files in OneDrive. And there are several more good reasons. Take a look at the following video:

+Protection from ransomware is one great reason to put your files in OneDrive. And there are several more good reasons. Take a look at this short video:

> [!VIDEO https://www.microsoft.com/videoplayer/embed/70b4d256-46fb-481f-ad9b-921ef5fd7bed] From 5101b03baa59538a042e121ba3f19bcfcf5439ca Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 16:08:41 -0800 Subject: [PATCH 28/49] Update TOC.md --- windows/security/threat-protection/TOC.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index d944293aad..55521c5955 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -46,7 +46,7 @@ ### [Next-generation protection](windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md) #### [Better together: Windows Defender Antivirus and Microsoft Defender ATP](windows-defender-antivirus/why-use-microsoft-antivirus.md) -#### [Better together: Office 365 and Windows Defender Antivirus](windows-defender-antivirus/office-365-windows-defender-antivirus.md) +#### [Better together: Windows Defender Antivirus and Office 365](windows-defender-antivirus/office-365-windows-defender-antivirus.md) ### [Endpoint detection and response]() #### [Endpoint detection and response overview](microsoft-defender-atp/overview-endpoint-detection-response.md) From 4fe5a8df8a834067c44c22eeab5ed79bf2681e0e Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 16:11:06 -0800 Subject: [PATCH 29/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index c62f60f02f..7942f7c815 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -34,6 +34,14 @@ You might already know that: - **OneDrive, included in Office 365, enables you to store your files and folders online, and share them as you see fit**. You can work together with people (for work or fun), and coauthor files that are stored in OneDrive. You can also access your files across all your devices (your PC, phone, and tablet). [Manage sharing in OneDrive](https://docs.microsoft.com/OneDrive/manage-sharing). +But did you know there are good security reasons to use Windows Defender Antivirus together with Office 365? Here are two: + + 1. [You get ransomware protection and recovery](#ransomware-protection-and-recovery) + + 2. [Integration means better protection](#integration-means-better-protection) + +Read the following sections to learn more! + ## Ransomware protection and recovery Did you know there's at least one very good security reason to use [OneDrive](https://docs.microsoft.com/onedrive) together with [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)? It's ransomware protection! When you save your files to OneDrive, and Windows Defender Antivirus detects a ransomware threat on your device, the following things occur: From 751f0652d79aef87866f141d0d4c78f78387f469 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 16:12:39 -0800 Subject: [PATCH 30/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 7942f7c815..7d9457f004 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -44,7 +44,7 @@ Read the following sections to learn more! ## Ransomware protection and recovery -Did you know there's at least one very good security reason to use [OneDrive](https://docs.microsoft.com/onedrive) together with [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10)? It's ransomware protection! When you save your files to OneDrive, and Windows Defender Antivirus detects a ransomware threat on your device, the following things occur: +When you save your files to [OneDrive](https://docs.microsoft.com/onedrive), and [Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10) detects a ransomware threat on your device, the following things occur: 1. **You are told about the threat**. (If your organization is using Microsoft Defender Advanced Threat Protection, your security operations team is notified, too.) @@ -56,7 +56,7 @@ Think of the time and hassle this can save! ## Integration means better protection -Did you know that Office 365 Advanced Threat Protection integrated with Microsoft Defender Advanced Threat Protection means better protection? Here's how: +Office 365 Advanced Threat Protection integrated with Microsoft Defender Advanced Threat Protection means better protection. Here's how: - [Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp) safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. From 791372eb1231f6ace7c921967bf2a8a95c293a58 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 16:16:46 -0800 Subject: [PATCH 31/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 7d9457f004..6b124ec31e 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -36,9 +36,9 @@ You might already know that: But did you know there are good security reasons to use Windows Defender Antivirus together with Office 365? Here are two: - 1. [You get ransomware protection and recovery](#ransomware-protection-and-recovery) + 1. [You get ransomware protection and recovery](#ransomware-protection-and-recovery). - 2. [Integration means better protection](#integration-means-better-protection) + 2. [Integration means better protection](#integration-means-better-protection). Read the following sections to learn more! From 20fee672a7b0beb3576ad4f3bdf22001cf175c20 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 16:19:52 -0800 Subject: [PATCH 32/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 6b124ec31e..a0b36949ba 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -1,5 +1,5 @@ --- -title: Office 365 together with Windows Defender Antivirus +title: Windows Defender Antivirus together with Office 365 (including OneDrive) - better protection from ransomware and cyberthreats description: Office 365, which includes OneDrive, goes together wonderfully with Windows Defender Antivirus. Read this article to learn more. keywords: windows defender, antivirus, office 365, onedrive search.product: eADQiWindows 10XVcnh @@ -19,7 +19,7 @@ ms.reviewer: manager: dansimp --- -# Office 365 together with Windows Defender Antivirus +# Windows Defender Antivirus together with Office 365 **Applies to:** From f42932849a0fe0391c63eadbad475e45a6d08108 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 16:22:44 -0800 Subject: [PATCH 33/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index a0b36949ba..308c1af083 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -68,7 +68,7 @@ Office 365 Advanced Threat Protection integrated with Microsoft Defender Advance - Once integration is enabled, your security operations team can see a list of devices that are used by the recipients of any detected URLs or email messages, along with recent alerts for those devices, Microsoft Defender Advanced Threat Protection. -Want to learn more? See [Integrate Office 365 Advanced Threat Protection with Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/integrate-office-365-ti-with-wdatp). +See [Integrate Office 365 Advanced Threat Protection with Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/integrate-office-365-ti-with-wdatp). ## More good reasons to use OneDrive From c293661bd02b7cb610ba00adb226f873fcfaef48 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 26 Feb 2020 19:10:06 -0800 Subject: [PATCH 34/49] Update office-365-windows-defender-antivirus.md --- .../office-365-windows-defender-antivirus.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md index 308c1af083..8201f92e0e 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/office-365-windows-defender-antivirus.md @@ -34,13 +34,13 @@ You might already know that: - **OneDrive, included in Office 365, enables you to store your files and folders online, and share them as you see fit**. You can work together with people (for work or fun), and coauthor files that are stored in OneDrive. You can also access your files across all your devices (your PC, phone, and tablet). [Manage sharing in OneDrive](https://docs.microsoft.com/OneDrive/manage-sharing). -But did you know there are good security reasons to use Windows Defender Antivirus together with Office 365? Here are two: +**But did you know there are good security reasons to use Windows Defender Antivirus together with Office 365**? Here are two: 1. [You get ransomware protection and recovery](#ransomware-protection-and-recovery). 2. [Integration means better protection](#integration-means-better-protection). -Read the following sections to learn more! +Read the following sections to learn more. ## Ransomware protection and recovery @@ -52,13 +52,13 @@ When you save your files to [OneDrive](https://docs.microsoft.com/onedrive), and 3. **You get the option to recover your files in OneDrive**. With the OneDrive Files Restore feature, you can recover your files in OneDrive to the state they were in before the ransomware attack occurred. See [Ransomware detection and recovering your files](https://support.office.com/article/0d90ec50-6bfd-40f4-acc7-b8c12c73637f). -Think of the time and hassle this can save! +Think of the time and hassle this can save. ## Integration means better protection Office 365 Advanced Threat Protection integrated with Microsoft Defender Advanced Threat Protection means better protection. Here's how: -- [Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp) safeguards your organization against malicious threats posed by email messages, links (URLs) and collaboration tools. +- [Office 365 Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/office-365-atp) safeguards your organization against malicious threats posed in email messages, email attachments, and links (URLs) in Office documents. AND @@ -66,13 +66,13 @@ Office 365 Advanced Threat Protection integrated with Microsoft Defender Advance SO -- Once integration is enabled, your security operations team can see a list of devices that are used by the recipients of any detected URLs or email messages, along with recent alerts for those devices, Microsoft Defender Advanced Threat Protection. +- Once integration is enabled, your security operations team can see a list of devices that are used by the recipients of any detected URLs or email messages, along with recent alerts for those devices, in the Microsoft Defender Security Center ([https://securitycenter.windows.com](https://securitycenter.windows.com)). -See [Integrate Office 365 Advanced Threat Protection with Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/integrate-office-365-ti-with-wdatp). +If you haven't already done so, [integrate Office 365 Advanced Threat Protection with Microsoft Defender Advanced Threat Protection](https://docs.microsoft.com/microsoft-365/security/office-365-security/integrate-office-365-ti-with-wdatp). ## More good reasons to use OneDrive -Protection from ransomware is one great reason to put your files in OneDrive. And there are several more good reasons. Take a look at this short video:

+Protection from ransomware is one great reason to put your files in OneDrive. And there are several more good reasons, summarized in this video:

> [!VIDEO https://www.microsoft.com/videoplayer/embed/70b4d256-46fb-481f-ad9b-921ef5fd7bed] From 13937f2f0b0525e8c1eeb3e2c89f04ac16cd2c3a Mon Sep 17 00:00:00 2001 From: RavennMSFT <37601656+RavennMSFT@users.noreply.github.com> Date: Wed, 26 Feb 2020 22:44:33 -0800 Subject: [PATCH 35/49] Update windows/client-management/mdm/policy-csp-restrictedgroups.md Co-Authored-By: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- windows/client-management/mdm/policy-csp-restrictedgroups.md | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-restrictedgroups.md b/windows/client-management/mdm/policy-csp-restrictedgroups.md index 4437dab843..475db540e0 100644 --- a/windows/client-management/mdm/policy-csp-restrictedgroups.md +++ b/windows/client-management/mdm/policy-csp-restrictedgroups.md @@ -131,7 +131,7 @@ Here is an example: - + ``` @@ -156,4 +156,3 @@ Footnotes: - 6 - Added in Windows 10, version 1903. - From 0c5973fddcbb972e10a418e2826973b36b6c718d Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Thu, 27 Feb 2020 09:51:58 -0800 Subject: [PATCH 36/49] pencil edit --- devices/hololens/hololens-updates.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/hololens/hololens-updates.md b/devices/hololens/hololens-updates.md index 4b9f869d88..f07302aa07 100644 --- a/devices/hololens/hololens-updates.md +++ b/devices/hololens/hololens-updates.md @@ -67,7 +67,7 @@ To go back to a previous version of HoloLens (1st gen), follow these steps: > [!NOTE] > If the WDRT doesn't detect your HoloLens, try restarting your PC. If that doesn't work, select **My device was not detected**, select **Microsoft HoloLens**, and then follow the instructions. -# Use policies to manage updates to HoloLens +## Use policies to manage updates to HoloLens > [!NOTE] > HoloLens (1st gen) devices must be [upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md) to manage updates. From 373a278136c8f8a1639d179b46fe3f6341f26718 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Thu, 27 Feb 2020 12:18:22 -0800 Subject: [PATCH 37/49] Update surface-dock-firmware-update.md updated metadata --- devices/surface/surface-dock-firmware-update.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md index aac758fa29..a7362f5482 100644 --- a/devices/surface/surface-dock-firmware-update.md +++ b/devices/surface/surface-dock-firmware-update.md @@ -1,6 +1,6 @@ --- title: Microsoft Surface Dock Firmware Update -description: This article explains how to use Microsoft Surface Dock Firmware Update, newly redesigned to update Surface Dock firmware while running in the background on your Surface device. +description: This article explains how to use Microsoft Surface Dock Firmware Update to update Surface Dock firmware. When installed on your Surface device, it will update any Surface Dock attached to your Surface device. ms.localizationpriority: medium ms.prod: w10 ms.mktglfcycl: manage @@ -11,6 +11,7 @@ ms.topic: article ms.reviewer: scottmca manager: dansimp ms.audience: itpro +ms.date: 02/08/2020 --- # Microsoft Surface Dock Firmware Update From 2007cacade1f5035c3e73f424ba3718d93bcbe85 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Thu, 27 Feb 2020 12:20:45 -0800 Subject: [PATCH 38/49] Update surface-dock-firmware-update.md --- devices/surface/surface-dock-firmware-update.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md index a7362f5482..1818961be5 100644 --- a/devices/surface/surface-dock-firmware-update.md +++ b/devices/surface/surface-dock-firmware-update.md @@ -11,7 +11,7 @@ ms.topic: article ms.reviewer: scottmca manager: dansimp ms.audience: itpro -ms.date: 02/08/2020 +ms.date: 02/07/2020 --- # Microsoft Surface Dock Firmware Update From 4dfd578b0d8e3734407c526fc93954f415969e56 Mon Sep 17 00:00:00 2001 From: Evan Miller Date: Thu, 27 Feb 2020 13:27:53 -0800 Subject: [PATCH 39/49] FAQ updates for speech, no bloom I added updates to the speech section to help troubleshoot the differences between generic Voice Commands, and Cortana's voice. I also got rid of yet another Bloom reference for Start. @scooley @yannisle --- devices/hololens/hololens-FAQ.md | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/devices/hololens/hololens-FAQ.md b/devices/hololens/hololens-FAQ.md index 03bed1bfc3..568b109f96 100644 --- a/devices/hololens/hololens-FAQ.md +++ b/devices/hololens/hololens-FAQ.md @@ -154,7 +154,15 @@ To make sure HoloLens can see your gestures, keep your hand in the gesture frame ## HoloLens doesn't respond to my voice -If Cortana isn't responding to your voice, make sure Cortana is on. In the **All apps** list, select **Cortana** > **Menu** > **Notebook** > **Settings** to make changes. To learn more about what you can say, see [Use your voice with HoloLens](hololens-cortana.md). +If your HoloLens is not responding to your voice, make sure Speech recognition is on. Go to **Start > Settings > Privacy > Speech** and turn on **Speech recognition**. + +If Cortana isn't responding to your voice, make sure Cortana is on by enabling **Online speech recognition** in that same menu. + +- You can also easily reach this menu on HoloLens 2 by selecting the "Speech settings" button, or saying "Speech settings" while in the start menu after enabling Speech recognition. + +- If Cortana is still not responding after enabling Online speech recognition, In the **All apps** list, select and launch **Cortana** > select **Menu** > **Notebook** > **Settings** to make changes. + +To learn more about what you can say, see [Use your voice with HoloLens](hololens-cortana.md). [Back to list](#list) @@ -194,7 +202,7 @@ If that doesn't help, see [Restart or recover the HoloLens clicker](hololens1-cl Here are some things to try if you can't connect to Wi-Fi on HoloLens: -- Make sure Wi-Fi is turned on. Bloom to go to Start, then select **Settings** > **Network & Internet** > **Wi-Fi** to check. If Wi-Fi is on, try turning it off and on again. +- Make sure Wi-Fi is turned on. Preform a Start gesture to open the menu, then select **Settings** > **Network & Internet** > **Wi-Fi** to check. If Wi-Fi is on, try turning it off and on again. - Move closer to the router or access point. - Restart your Wi-Fi router, then [restart HoloLens](hololens-recovery.md). Try connecting again. - If none of these things work, check to make sure your router is using the latest firmware. You can find this information on the manufacturers website. From bc37537e446b158f04c3b77941ad35e2d3e3448c Mon Sep 17 00:00:00 2001 From: Evan Miller Date: Thu, 27 Feb 2020 13:32:59 -0800 Subject: [PATCH 40/49] Update hololens-FAQ.md --- devices/hololens/hololens-FAQ.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/devices/hololens/hololens-FAQ.md b/devices/hololens/hololens-FAQ.md index 568b109f96..7f5f82f160 100644 --- a/devices/hololens/hololens-FAQ.md +++ b/devices/hololens/hololens-FAQ.md @@ -156,6 +156,9 @@ To make sure HoloLens can see your gestures, keep your hand in the gesture frame If your HoloLens is not responding to your voice, make sure Speech recognition is on. Go to **Start > Settings > Privacy > Speech** and turn on **Speech recognition**. +> [!NOTE] +> This setting is not present on HoloLens (1st Gen) and is always on. + If Cortana isn't responding to your voice, make sure Cortana is on by enabling **Online speech recognition** in that same menu. - You can also easily reach this menu on HoloLens 2 by selecting the "Speech settings" button, or saying "Speech settings" while in the start menu after enabling Speech recognition. From f3178541a918203257919952f408e08731d527de Mon Sep 17 00:00:00 2001 From: Evan Miller Date: Thu, 27 Feb 2020 13:57:22 -0800 Subject: [PATCH 41/49] Update hololens-FAQ.md --- devices/hololens/hololens-FAQ.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/hololens/hololens-FAQ.md b/devices/hololens/hololens-FAQ.md index 7f5f82f160..8c56f0dccc 100644 --- a/devices/hololens/hololens-FAQ.md +++ b/devices/hololens/hololens-FAQ.md @@ -157,7 +157,7 @@ To make sure HoloLens can see your gestures, keep your hand in the gesture frame If your HoloLens is not responding to your voice, make sure Speech recognition is on. Go to **Start > Settings > Privacy > Speech** and turn on **Speech recognition**. > [!NOTE] -> This setting is not present on HoloLens (1st Gen) and is always on. +> This setting isn't available on HoloLens (1st Gen) because speech recognition is always on and cannot be disabled If Cortana isn't responding to your voice, make sure Cortana is on by enabling **Online speech recognition** in that same menu. From c54cab1c3f4a3b550fdd27207a12659693458175 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Thu, 27 Feb 2020 13:59:10 -0800 Subject: [PATCH 42/49] Indented content in list items --- .../surface/surface-dock-firmware-update.md | 26 ++++++++++--------- 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md index 1818961be5..77818aa47a 100644 --- a/devices/surface/surface-dock-firmware-update.md +++ b/devices/surface/surface-dock-firmware-update.md @@ -33,17 +33,19 @@ This section is optional and provides an overview of how to monitor installation To monitor the update: 1. Open Event Viewer, browse to **Windows Logs > Application**, and then under **Actions** in the right-hand pane click **Filter Current Log**, enter **SurfaceDockFwUpdate** next to **Event sources**, and then click **OK**. + 2. Type the following command at an elevated command prompt: - ```cmd - Reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters" - ``` + ```cmd + Reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters" + ``` 3. Install the update as described in the [next section](#install-the-surface-dock-firmware-update) of this article. + 4. Event 2007 with the following text indicates a successful update: **Firmware update finished. hr=0 DriverTelementry EventCode = 2007**. - - If the update is not successful, then event ID 2007 will be displayed as an **Error** event rather than **Information**. Additionally, the version reported in the Windows Registry will not be current. + - If the update is not successful, then event ID 2007 will be displayed as an **Error** event rather than **Information**. Additionally, the version reported in the Windows Registry will not be current. 5. When the update is complete, updated DWORD values will be displayed in the Windows Registry, corresponding to the current version of the tool. See the [Versions reference](#versions-reference) section in this article for details. For example: - - Component10CurrentFwVersion 0x04ac3970 (78395760) - - Component20CurrentFwVersion 0x04915a70 (76634736) + - Component10CurrentFwVersion 0x04ac3970 (78395760) + - Component20CurrentFwVersion 0x04915a70 (76634736) >[!TIP] >If you see "The description for Event ID xxxx from source SurfaceDockFwUpdate cannot be found" in event text, this is expected and can be ignored. @@ -53,8 +55,8 @@ To monitor the update: This section describes how to install the firmware update. 1. Download and install [Microsoft Surface Dock Firmware Update](https://www.microsoft.com/download/details.aspx?id=46703). - - The update requires a Surface device running Windows 10, version 1803 or later. - - Installing the MSI file might prompt you to restart Surface. However, restarting is not required to perform the update. + - The update requires a Surface device running Windows 10, version 1803 or later. + - Installing the MSI file might prompt you to restart Surface. However, restarting is not required to perform the update. 2. Disconnect your Surface device from the Surface Dock (using the power adapter), wait ~5 seconds, and then reconnect. The Surface Dock Firmware Update will update the dock silently in background. The process can take a few minutes to complete and will continue even if interrupted. @@ -69,8 +71,8 @@ You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firm msiexec /i "\\share\folder\Surface_Dock_FwUpdate_1.42.139_Win10_17134_19.084.31680_0.msi" /quiet /norestart ``` -> [!NOTE] -> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]". For example: Msiexec.exe /i \ /l*v %windir%\logs\ SurfaceDockFWI.log" + > [!NOTE] + > A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]". For example: Msiexec.exe /i \ /l*v %windir%\logs\ SurfaceDockFWI.log" For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation. @@ -97,11 +99,11 @@ Successful completion of Surface Dock Firmware Update results in new registry ke 1. Open Regedit and navigate to the following registry path: -- **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters** + - **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters** 2. Look for the registry keys: **Component10CurrentFwVersion and Component20CurrentFwVersion**, which refer to the firmware that is currently on the device. - ![Surface Dock Firmware Update installation process](images/regeditDock.png) + ![Surface Dock Firmware Update installation process](images/regeditDock.png) 3. Verify the new registry key values match the updated registry key values listed in the Versions reference at the end of this document. If the values match, the firmware was updated successfully. From 4ffca9526d567375c51bb1117eb05df729bbfd82 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Thu, 27 Feb 2020 14:31:39 -0800 Subject: [PATCH 43/49] Indented additional content in list items --- devices/surface/surface-dock-firmware-update.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md index 77818aa47a..e872ddc649 100644 --- a/devices/surface/surface-dock-firmware-update.md +++ b/devices/surface/surface-dock-firmware-update.md @@ -74,7 +74,7 @@ You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firm > [!NOTE] > A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]". For example: Msiexec.exe /i \ /l*v %windir%\logs\ SurfaceDockFWI.log" -For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation. + For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation. > [!IMPORTANT] > If you want to keep your Surface Dock updated using any other method, refer to [Update your Surface Dock](https://support.microsoft.com/help/4023478/surface-update-your-surface-dock) for details. @@ -99,7 +99,7 @@ Successful completion of Surface Dock Firmware Update results in new registry ke 1. Open Regedit and navigate to the following registry path: - - **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters** + - **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters** 2. Look for the registry keys: **Component10CurrentFwVersion and Component20CurrentFwVersion**, which refer to the firmware that is currently on the device. From fee06e7788597f14f655ac628d523b3668eea36d Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Thu, 27 Feb 2020 14:48:04 -0800 Subject: [PATCH 44/49] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200227140933 (#2164) Co-authored-by: Direesh Kumar Kandakatla --- ...issues-windows-7-and-windows-server-2008-r2-sp1.yml | 10 ---------- windows/release-information/windows-message-center.yml | 1 + 2 files changed, 1 insertion(+), 10 deletions(-) diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 3e723fd5a0..7a74412dba 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -37,7 +37,6 @@ sections:
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >September 24, 2019
KB4516048Resolved
KB4519976October 08, 2019
10:00 AM PT
You may receive an error when opening or using the Toshiba Qosmio AV Center
Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.

See details >August 13, 2019
KB4512506Resolved
KB4516048September 24, 2019
10:00 AM PT -
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed

See details >August 13, 2019
KB4512506Resolved External
August 27, 2019
02:29 PM PT " @@ -84,12 +83,3 @@ sections:
You may receive an error when opening or using the Toshiba Qosmio AV Center
After installing KB4512506, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in Event Log related to cryptnet.dll.

Affected platforms:
  • Client: Windows 7 SP1
Resolution: This issue was resolved in KB4516048.

Back to topAugust 13, 2019
KB4512506Resolved
KB4516048Resolved:
September 24, 2019
10:00 AM PT

Opened:
September 10, 2019
09:48 AM PT " - -- title: August 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Symantec identified the potential for a negative interaction that may occur after Windows Updates code signed with SHA-2 only certificates are installed on devices with Symantec or Norton antivirus programs installed. The software may not correctly identify files included in the update as code signed by Microsoft, putting the device at risk for a delayed or incomplete update.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Resolution: The safeguard hold has been removed. Symantec has completed its evaluation of the impact of this update and future updates to Windows 7/Windows 2008 R2 and has determined that there is no increased risk of a false positive detection for all in-field versions of Symantec Endpoint Protection and Norton antivirus programs. See the Symantec support article for additional detail and please reach out to Symantec or Norton support if you encounter any issues.

Back to top		August 13, 2019
KB4512506		Resolved External
Last updated:
August 27, 2019
02:29 PM PT

Opened:
August 13, 2019
10:05 AM PT
- " diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 1393cd0b82..28f4b85576 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,6 +50,7 @@ sections: text: " + From bc8bb4fd438f091c32e2c9cac79b4bbeae74ff2f Mon Sep 17 00:00:00 2001 From: Narkis Engler <41025789+narkissit@users.noreply.github.com> Date: Thu, 27 Feb 2020 15:08:25 -0800 Subject: [PATCH 45/49] Update manage-windows-1903-endpoints.md Not sure where this entry came from, I don't think this hostname is used anywhere in Windows Update scenarios. cs9.wac.phicdn.net --- windows/privacy/manage-windows-1903-endpoints.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/privacy/manage-windows-1903-endpoints.md b/windows/privacy/manage-windows-1903-endpoints.md index 786649ef6a..e4464fdddc 100644 --- a/windows/privacy/manage-windows-1903-endpoints.md +++ b/windows/privacy/manage-windows-1903-endpoints.md @@ -161,7 +161,6 @@ The following methodology was used to derive these network endpoints: |||HTTPS|ris.api.iris.microsoft.com| |Windows Update|The following endpoint is used for Windows Update downloads of apps and OS updates, including HTTP downloads or HTTP downloads blended with peers. If you turn off traffic for this endpoint, Windows Update downloads will not be managed, as critical metadata that is used to make downloads more resilient is blocked. Downloads may be impacted by corruption (resulting in re-downloads of full files). Additionally, downloads of the same update by multiple devices on the same local network will not use peer devices for bandwidth reduction.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-updates)| |||HTTPS|*.prod.do.dsp.mp.microsoft.com| -|||HTTP|cs9.wac.phicdn.net| |||HTTP|emdl.ws.microsoft.com| ||The following endpoints are used to download operating system patches, updates, and apps from Microsoft Store. If you turn off traffic for these endpoints, the device will not be able to download updates for the operating system.|HTTP|*.dl.delivery.mp.microsoft.com| |||HTTP|*.windowsupdate.com| From 89b8013b79c2dab067465e9e9af18d531cb3d561 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Thu, 27 Feb 2020 15:28:19 -0800 Subject: [PATCH 46/49] CAT Auto Pulish for Windows Release Messages - 20200227151607 (#2165) * Update surface-dock-firmware-update.md updated metadata * Update surface-dock-firmware-update.md * Indented content in list items * Indented additional content in list items * CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20200227140933 (#2164) Co-authored-by: Direesh Kumar Kandakatla Co-authored-by: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Co-authored-by: Gary Moore Co-authored-by: Direesh Kumar Kandakatla --- .../surface/surface-dock-firmware-update.md | 31 ++++++++++--------- ...ndows-7-and-windows-server-2008-r2-sp1.yml | 10 ------ .../windows-message-center.yml | 1 + 3 files changed, 18 insertions(+), 24 deletions(-) diff --git a/devices/surface/surface-dock-firmware-update.md b/devices/surface/surface-dock-firmware-update.md index aac758fa29..e872ddc649 100644 --- a/devices/surface/surface-dock-firmware-update.md +++ b/devices/surface/surface-dock-firmware-update.md @@ -1,6 +1,6 @@ --- title: Microsoft Surface Dock Firmware Update -description: This article explains how to use Microsoft Surface Dock Firmware Update, newly redesigned to update Surface Dock firmware while running in the background on your Surface device. +description: This article explains how to use Microsoft Surface Dock Firmware Update to update Surface Dock firmware. When installed on your Surface device, it will update any Surface Dock attached to your Surface device. ms.localizationpriority: medium ms.prod: w10 ms.mktglfcycl: manage @@ -11,6 +11,7 @@ ms.topic: article ms.reviewer: scottmca manager: dansimp ms.audience: itpro +ms.date: 02/07/2020 --- # Microsoft Surface Dock Firmware Update @@ -32,17 +33,19 @@ This section is optional and provides an overview of how to monitor installation To monitor the update: 1. Open Event Viewer, browse to **Windows Logs > Application**, and then under **Actions** in the right-hand pane click **Filter Current Log**, enter **SurfaceDockFwUpdate** next to **Event sources**, and then click **OK**. + 2. Type the following command at an elevated command prompt: - ```cmd - Reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters" - ``` + ```cmd + Reg query "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters" + ``` 3. Install the update as described in the [next section](#install-the-surface-dock-firmware-update) of this article. + 4. Event 2007 with the following text indicates a successful update: **Firmware update finished. hr=0 DriverTelementry EventCode = 2007**. - - If the update is not successful, then event ID 2007 will be displayed as an **Error** event rather than **Information**. Additionally, the version reported in the Windows Registry will not be current. + - If the update is not successful, then event ID 2007 will be displayed as an **Error** event rather than **Information**. Additionally, the version reported in the Windows Registry will not be current. 5. When the update is complete, updated DWORD values will be displayed in the Windows Registry, corresponding to the current version of the tool. See the [Versions reference](#versions-reference) section in this article for details. For example: - - Component10CurrentFwVersion 0x04ac3970 (78395760) - - Component20CurrentFwVersion 0x04915a70 (76634736) + - Component10CurrentFwVersion 0x04ac3970 (78395760) + - Component20CurrentFwVersion 0x04915a70 (76634736) >[!TIP] >If you see "The description for Event ID xxxx from source SurfaceDockFwUpdate cannot be found" in event text, this is expected and can be ignored. @@ -52,8 +55,8 @@ To monitor the update: This section describes how to install the firmware update. 1. Download and install [Microsoft Surface Dock Firmware Update](https://www.microsoft.com/download/details.aspx?id=46703). - - The update requires a Surface device running Windows 10, version 1803 or later. - - Installing the MSI file might prompt you to restart Surface. However, restarting is not required to perform the update. + - The update requires a Surface device running Windows 10, version 1803 or later. + - Installing the MSI file might prompt you to restart Surface. However, restarting is not required to perform the update. 2. Disconnect your Surface device from the Surface Dock (using the power adapter), wait ~5 seconds, and then reconnect. The Surface Dock Firmware Update will update the dock silently in background. The process can take a few minutes to complete and will continue even if interrupted. @@ -68,10 +71,10 @@ You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firm msiexec /i "\\share\folder\Surface_Dock_FwUpdate_1.42.139_Win10_17134_19.084.31680_0.msi" /quiet /norestart ``` -> [!NOTE] -> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]". For example: Msiexec.exe /i \ /l*v %windir%\logs\ SurfaceDockFWI.log" + > [!NOTE] + > A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]". For example: Msiexec.exe /i \ /l*v %windir%\logs\ SurfaceDockFWI.log" -For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation. + For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation. > [!IMPORTANT] > If you want to keep your Surface Dock updated using any other method, refer to [Update your Surface Dock](https://support.microsoft.com/help/4023478/surface-update-your-surface-dock) for details. @@ -96,11 +99,11 @@ Successful completion of Surface Dock Firmware Update results in new registry ke 1. Open Regedit and navigate to the following registry path: -- **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters** + - **HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\WUDF\Services\SurfaceDockFwUpdate\Parameters** 2. Look for the registry keys: **Component10CurrentFwVersion and Component20CurrentFwVersion**, which refer to the firmware that is currently on the device. - ![Surface Dock Firmware Update installation process](images/regeditDock.png) + ![Surface Dock Firmware Update installation process](images/regeditDock.png) 3. Verify the new registry key values match the updated registry key values listed in the Versions reference at the end of this document. If the values match, the firmware was updated successfully. diff --git a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml index 3e723fd5a0..7a74412dba 100644 --- a/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml +++ b/windows/release-information/resolved-issues-windows-7-and-windows-server-2008-r2-sp1.yml @@ -37,7 +37,6 @@ sections: -
MessageDate
February 2020 Windows 10, version 1909 and Windows 10, version 1903 \"D\" optional release is available
The February 2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 27, 2020
01:30 PM PT
February 2020 Windows \"C\" optional release is available.
The February 2020 optional monthly “C” release for all supported versions of Windows prior to Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 25, 2020
08:00 AM PT
Status of February 2020 “C” release
The optional monthly “C” release for February 2020 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 21, 2020
12:00 PM PT
Compatibility issue with some Windows Server container images
If you are encountering issues with Windows Server container images, please see KB4542617.
February 13, 2020
03:21 PM PT
MSRT might fail to install and be re-offered from Windows Update or WSUS
The November 2019 update for Windows Malicious Software Removal Tool (MSRT) might fail to install from WU/WSUS.

See details >
Resolved
January 23, 2020
02:08 PM PT
Intermittent issues when printing
The print spooler service may intermittently have issues completing a print job and results print job failure.

See details >		September 24, 2019
KB4516048		Resolved
KB4519976		October 08, 2019
10:00 AM PT
You may receive an error when opening or using the Toshiba Qosmio AV Center
Toshiba Qosmio AV Center may error when opening and you may also receive an error in Event Log related to cryptnet.dll.

See details >		August 13, 2019
KB4512506		Resolved
KB4516048		September 24, 2019
10:00 AM PT
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Windows updates that are SHA-2 signed are not available with Symantec or Norton antivirus program installed

See details >		August 13, 2019
KB4512506		Resolved External
August 27, 2019
02:29 PM PT
" @@ -84,12 +83,3 @@ sections:
You may receive an error when opening or using the Toshiba Qosmio AV Center
After installing KB4512506, you may receive an error when opening or using the Toshiba Qosmio AV Center. You may also receive an error in Event Log related to cryptnet.dll.

Affected platforms:
  • Client: Windows 7 SP1
Resolution: This issue was resolved in KB4516048.

Back to topAugust 13, 2019
KB4512506Resolved
KB4516048Resolved:
September 24, 2019
10:00 AM PT

Opened:
September 10, 2019
09:48 AM PT " - -- title: August 2019 -- items: - - type: markdown - text: " - - -
DetailsOriginating updateStatusHistory
Windows updates that are SHA-2 signed may not be offered for Symantec and Norton AV
Symantec identified the potential for a negative interaction that may occur after Windows Updates code signed with SHA-2 only certificates are installed on devices with Symantec or Norton antivirus programs installed. The software may not correctly identify files included in the update as code signed by Microsoft, putting the device at risk for a delayed or incomplete update.

Affected platforms:
  • Client: Windows 7 SP1
  • Server: Windows Server 2008 R2 SP1
Resolution: The safeguard hold has been removed. Symantec has completed its evaluation of the impact of this update and future updates to Windows 7/Windows 2008 R2 and has determined that there is no increased risk of a false positive detection for all in-field versions of Symantec Endpoint Protection and Norton antivirus programs. See the Symantec support article for additional detail and please reach out to Symantec or Norton support if you encounter any issues.

Back to top		August 13, 2019
KB4512506		Resolved External
Last updated:
August 27, 2019
02:29 PM PT

Opened:
August 13, 2019
10:05 AM PT
- " diff --git a/windows/release-information/windows-message-center.yml b/windows/release-information/windows-message-center.yml index 1393cd0b82..28f4b85576 100644 --- a/windows/release-information/windows-message-center.yml +++ b/windows/release-information/windows-message-center.yml @@ -50,6 +50,7 @@ sections: text: " + From 71593e24ba143710493df9fb961f891db3316fbf Mon Sep 17 00:00:00 2001 From: Kelly Baker Date: Thu, 27 Feb 2020 17:29:00 -0800 Subject: [PATCH 47/49] Update exposed-apis-create-app-webapp.md --- .../microsoft-defender-atp/exposed-apis-create-app-webapp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md index 259fc161ce..ef03093507 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exposed-apis-create-app-webapp.md @@ -55,7 +55,7 @@ This article explains how to create an Azure AD application, get an access token ![Image of API access and API selection](images/application-permissions.png) - Please note that you need to select the relevant permissions. 'Read All Alerts' is only an example. For instance: + Note that you need to select the relevant permissions. 'Read All Alerts' is only an example. For instance: - To [run advanced queries](run-advanced-query-api.md), select the 'Run advanced queries' permission. - To [isolate a machine](isolate-machine.md), select the 'Isolate machine' permission. From 57d44eae89ea10bd970a6fc10c0cc79e5cdb0003 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Thu, 27 Feb 2020 17:39:20 -0800 Subject: [PATCH 48/49] Update surface-hub-2s-manage-intune.md --- devices/surface-hub/surface-hub-2s-manage-intune.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/devices/surface-hub/surface-hub-2s-manage-intune.md b/devices/surface-hub/surface-hub-2s-manage-intune.md index be1df464ef..75e44c650b 100644 --- a/devices/surface-hub/surface-hub-2s-manage-intune.md +++ b/devices/surface-hub/surface-hub-2s-manage-intune.md @@ -9,7 +9,7 @@ ms.author: greglin manager: laurawi audience: Admin ms.topic: article -ms.date: 06/20/2019 +ms.date: 02/28/2020 ms.localizationpriority: Medium --- @@ -48,9 +48,9 @@ To ensure optimal video and audio quality on Surface Hub 2S, add the following Q |**Name**|**Description**|**OMA-URI**|**Type**|**Value**| |:------ |:------------- |:--------- |:------ |:------- | -|**Audio Ports**| Audio Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubAudio/SourcePortMatchCondition | String | 50000-50019 | +|**Audio Ports**| Audio Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubAudio/DestinationPortMatchCondition | String | 3478-3479 | |**Audio DSCP**| Audio ports marking | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubAudio/DSCPAction | Integer | 46 | -|**Video Ports**| Video Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubVideo/SourcePortMatchCondition | String | 50020-50039 | +|**Video Ports**| Video Port range | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubVideo/DestinationPortMatchCondition | String | 3480 | |**Video DSCP**| Video ports marking | ./Device/Vendor/MSFT/NetworkQoSPolicy/HubVideo/DSCPAction | Integer | 34 | > [!NOTE] From 48b91d07b7965905d4bc11b1a46564c5b37ac312 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Fri, 28 Feb 2020 08:34:53 -0800 Subject: [PATCH 49/49] updated overview --- .../microsoft-defender-atp/microsoft-threat-experts.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md index a28cd30703..ff425c7895 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-threat-experts.md @@ -22,7 +22,7 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -Microsoft Threat Experts is a managed detection and response (MDR) service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don’t get missed. +Microsoft Threat Experts is a managed threat hunting service that provides Security Operation Centers (SOCs) with expert level monitoring and analysis to help them ensure that critical threats in their unique environments don’t get missed. This new capability provides expert-driven insights and data through targeted attack notification and access to experts on demand.
MessageDate
February 2020 Windows 10, version 1909 and Windows 10, version 1903 \"D\" optional release is available
The February 2020 optional monthly “D” release for Windows 10, version 1909 and Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 27, 2020
01:30 PM PT
February 2020 Windows \"C\" optional release is available.
The February 2020 optional monthly “C” release for all supported versions of Windows prior to Windows 10, version 1903 is now available. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 25, 2020
08:00 AM PT
Status of February 2020 “C” release
The optional monthly “C” release for February 2020 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our Windows 10 update servicing cadence primer. Follow @WindowsUpdate for the latest on the availability of this release.
February 21, 2020
12:00 PM PT
Compatibility issue with some Windows Server container images
If you are encountering issues with Windows Server container images, please see KB4542617.
February 13, 2020
03:21 PM PT