From 71cdcb8e8b2de2cdbad57fe24528bc80d4250686 Mon Sep 17 00:00:00 2001 From: LE Date: Thu, 11 Jun 2020 18:03:45 -0400 Subject: [PATCH 1/7] Update manage-windows-2004-endpoints.md --- windows/privacy/manage-windows-2004-endpoints.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/manage-windows-2004-endpoints.md b/windows/privacy/manage-windows-2004-endpoints.md index 75e9aa6738..73e8c9e0fd 100644 --- a/windows/privacy/manage-windows-2004-endpoints.md +++ b/windows/privacy/manage-windows-2004-endpoints.md @@ -53,7 +53,7 @@ The following methodology was used to derive these network endpoints: ||The following endpoint is used for the Weather app. To turn off traffic for this endpoint, either uninstall the Weather app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|tile-service.weather.microsoft.com ||The following endpoint is used for OneNote Live Tile. To turn off traffic for this endpoint, either uninstall OneNote or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|HTTPS|cdn.onenote.net/* ||The following endpoint is used by the Photos app to download configuration files, and to connect to the Office 365 portal's shared infrastructure, including Office in a browser. To turn off traffic for this endpoint, either uninstall the Photos app or disable the Microsoft Store. If you disable the Microsoft store, other Store apps cannot be installed or updated. Additionally, the Microsoft Store won't be able to revoke malicious Store apps and users will still be able to open them.|TLSv1.2|evoke-windowsservices-tas.msedge.net| -|Certificates|The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible turn off traffic to this endpoint, but that is not recommended because when root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses. Additionally, it is used to download certificates that are publicly known to be fraudulent. These settings are critical for both Windows security and the overall security of the Internet. We do not recommend blocking this endpoint. If traffic to this endpoint is turned off, Windows no longer automatically downloads certificates known to be fraudulent, which increases the attack vector on the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)| +|Certificates|The following endpoint is used by the Automatic Root Certificates Update component to automatically check the list of trusted authorities on Windows Update to see if an update is available. It is possible to turn off traffic to this endpoint, but it is not recommended because as root certificates are updated over time, applications and websites may stop working because they did not receive an updated root certificate the application uses. Additionally, it is used to download certificates that are publicly known to be fraudulent. These settings are critical for both Windows security and the overall security of the Internet. We do not recommend blocking this endpoint. If traffic to this endpoint is turned off, Windows no longer automatically downloads certificates known to be fraudulent, which increases the attack vector on the device.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#automatic-root-certificates-update)| |||HTTP|ctldl.windowsupdate.com| |Cortana and Search|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-cortana)| ||The following endpoints are related to Cortana and Live Tiles. If you turn off traffic for this endpoint, you will block updates to Cortana greetings, tips, and Live Tiles.|TLSv1.2|www.bing.com*| From 43d5d43ad2b6edc086ac8dfbf018e0e570fcfd96 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Wed, 17 Jun 2020 00:04:39 +0530 Subject: [PATCH 2/7] updated may 2020 admx files link as per the user report #6976 , so i replaced November 2019 windows 10 v1909 ADMX templates link to May 2020 windows 10 v 2004 link. old link **https://www.microsoft.com/download/100591** new link **https://www.microsoft.com/download/101445** --- .../use-powershell-cmdlets-microsoft-defender-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md index 2ec659113a..de3c6cfb93 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-powershell-cmdlets-microsoft-defender-antivirus.md @@ -30,7 +30,7 @@ For a list of the cmdlets and their functions and available parameters, see the PowerShell cmdlets are most useful in Windows Server environments that don't rely on a graphical user interface (GUI) to configure software. > [!NOTE] -> PowerShell cmdlets should not be used as a replacement for a full network policy management infrastructure, such as [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr), [Group Policy Management Console](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731212(v=ws.11)), or [Microsoft Defender Antivirus Group Policy ADMX templates](https://www.microsoft.com/download/100591). +> PowerShell cmdlets should not be used as a replacement for a full network policy management infrastructure, such as [Microsoft Endpoint Configuration Manager](https://docs.microsoft.com/configmgr), [Group Policy Management Console](https://docs.microsoft.com/previous-versions/windows/it-pro/windows-server-2008-R2-and-2008/cc731212(v=ws.11)), or [Microsoft Defender Antivirus Group Policy ADMX templates](https://www.microsoft.com/download/101445). Changes made with PowerShell will affect local settings on the endpoint where the changes are deployed or made. This means that deployments of policy with Group Policy, Microsoft Endpoint Configuration Manager, or Microsoft Intune can overwrite changes made with PowerShell. From 075f9f74aef2716f1a9e94f5d13a4228f800dbc1 Mon Sep 17 00:00:00 2001 From: amirsc3 <42802974+amirsc3@users.noreply.github.com> Date: Sun, 21 Jun 2020 12:48:00 +0300 Subject: [PATCH 3/7] Update minimum-requirements.md Adding note to make customers aware of potential perf issues on older OS and recommend RS5 or later for VDI environments --- .../microsoft-defender-atp/minimum-requirements.md | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md index 3bbf64e500..8923860ea6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md +++ b/windows/security/threat-protection/microsoft-defender-atp/minimum-requirements.md @@ -93,6 +93,10 @@ The hardware requirements for Microsoft Defender ATP on machines is the same as > [!NOTE] > Machines running mobile versions of Windows are not supported. +> +> Virtual Machines running Windows 10 Enterprise 2016 LTSC (which is based on Windows 10, version 1607) may encounter performance issues if run on non-Microsoft virtualization platforms. +> +> For virtual environments, we recommend using Windows 10 Enterprise LTSC 2019 (which is based on Windows 10, version 1809) or later. ### Other supported operating systems From dbf164c06456f8b3570c151c45eedf73ecef35a5 Mon Sep 17 00:00:00 2001 From: EfiKliger <45028856+EfiKliger@users.noreply.github.com> Date: Mon, 22 Jun 2020 12:24:30 +0300 Subject: [PATCH 4/7] Update post-ti-indicator.md --- .../microsoft-defender-atp/post-ti-indicator.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md index b4b27d638f..5e1fd0cad0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md +++ b/windows/security/threat-protection/microsoft-defender-atp/post-ti-indicator.md @@ -29,7 +29,7 @@ Submits or Updates new [Indicator](ti-indicator.md) entity. ## Limitations 1. Rate limitations for this API are 100 calls per minute and 1500 calls per hour. -2. There is a limit of 5,000 active indicators per tenant. +2. There is a limit of 15,000 active indicators per tenant. ## Permissions @@ -102,4 +102,4 @@ Content-type: application/json ``` ## Related topic -- [Manage indicators](manage-indicators.md) \ No newline at end of file +- [Manage indicators](manage-indicators.md) From 4e2b1c320a5d7f7d39db88779c54753a576f9496 Mon Sep 17 00:00:00 2001 From: Radu Jipa Date: Mon, 22 Jun 2020 11:34:49 +0100 Subject: [PATCH 5/7] Rephrase a confusing double negative Simplify note about Autopilot Reset availability based on OS version --- windows/deployment/windows-autopilot/windows-autopilot-reset.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/windows-autopilot/windows-autopilot-reset.md b/windows/deployment/windows-autopilot/windows-autopilot-reset.md index e114e9f5ec..8510d7574e 100644 --- a/windows/deployment/windows-autopilot/windows-autopilot-reset.md +++ b/windows/deployment/windows-autopilot/windows-autopilot-reset.md @@ -116,7 +116,7 @@ To trigger a remote Windows Autopilot Reset via Intune, follow these steps: - Select **Autopilot Reset** to kick-off the reset task. >[!NOTE] ->The Autopilot Reset option will not be enabled in Microsoft Intune for devices not running Windows 10 build 17672 or higher. +>The Autopilot Reset option will only be enabled in Microsoft Intune for devices running Windows 10 build 17672 or higher. >[!IMPORTANT] >The feature for Autopilot Reset will stay grayed out, **unless** you reset the device using Autopilot (either using Fresh Reset or manually sysprep the device). From db43f9aa64eec69602c52ad7819cb4244347edee Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Mon, 22 Jun 2020 22:54:40 +0530 Subject: [PATCH 6/7] replaced word diable to disable as per the user report #7010 , so i corrected the word **diable** to **disable** --- windows/client-management/mdm/policy-csp-connectivity.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-csp-connectivity.md b/windows/client-management/mdm/policy-csp-connectivity.md index 9f039348ee..0b9dcee127 100644 --- a/windows/client-management/mdm/policy-csp-connectivity.md +++ b/windows/client-management/mdm/policy-csp-connectivity.md @@ -47,7 +47,7 @@ manager: dansimp Connectivity/AllowVPNRoamingOverCellular
- Connectivity/DiablePrintingOverHTTP + Connectivity/DiablePrintingOverHTTP
Connectivity/DisableDownloadingOfPrintDriversOverHTTP From ad0b33d1869d949e22d5e061a70f4681da07a53d Mon Sep 17 00:00:00 2001 From: Tina Burden Date: Mon, 22 Jun 2020 11:46:37 -0700 Subject: [PATCH 7/7] pencil edit --- windows/client-management/mdm/policy-csp-connectivity.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/client-management/mdm/policy-csp-connectivity.md b/windows/client-management/mdm/policy-csp-connectivity.md index a358b07581..5a058b41e4 100644 --- a/windows/client-management/mdm/policy-csp-connectivity.md +++ b/windows/client-management/mdm/policy-csp-connectivity.md @@ -47,7 +47,7 @@ manager: dansimp Connectivity/AllowVPNRoamingOverCellular
- Connectivity/DiablePrintingOverHTTP + Connectivity/DiablePrintingOverHTTP
Connectivity/DisableDownloadingOfPrintDriversOverHTTP