From 70cffda84b5c6be4d46950c3a2c85318bfe499ba Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Tue, 9 Jun 2020 07:36:42 -0700 Subject: [PATCH 01/11] Adds new article to landing page --- devices/surface/get-started.yml | 4 ++-- devices/surface/secure-surface-dock-ports-semm.md | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/devices/surface/get-started.yml b/devices/surface/get-started.yml index 131d77a578..0c309e50b7 100644 --- a/devices/surface/get-started.yml +++ b/devices/surface/get-started.yml @@ -72,10 +72,10 @@ landingContent: linkLists: - linkListType: how-to-guide links: + - text: Secure Surface Dock 2 ports with Surface Enterprise Management Mode (SEMM) + url: secure-surface-dock-ports-semm.md - text: Intune management of Surface UEFI settings url: surface-manage-dfci-guide.md - - text: Surface Enterprise Management Mode (SEMM) - url: surface-enterprise-management-mode.md - text: Surface Data Eraser tool url: microsoft-surface-data-eraser.md diff --git a/devices/surface/secure-surface-dock-ports-semm.md b/devices/surface/secure-surface-dock-ports-semm.md index 615ba03a3c..0141a6dae1 100644 --- a/devices/surface/secure-surface-dock-ports-semm.md +++ b/devices/surface/secure-surface-dock-ports-semm.md @@ -91,7 +91,7 @@ Each host device must have the doc CA and two certificates as shown in Table 2. |Provisioning administration certificate|ECC P256
SHA256|Enables you to change dock ownership and/or policy settings by allowing you to replace the CA that's currently installed on the dock.|1.3.6.1.4.1.311.76.9.21.3
1.3.6.1.4.1.311.76.9.21.4| >[!NOTE] - >The host authentication and provisioning certificates must be exported as.pfx files. + >The host authentication and provisioning certificates must be exported as .pfx files. ### Create configuration package From f419fb20b4c9f2cd60df70cfcd1b3471f54d257b Mon Sep 17 00:00:00 2001 From: Sinead O'Sullivan Date: Tue, 9 Jun 2020 16:20:02 +0100 Subject: [PATCH 02/11] Update configure-endpoints-vdi.md --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index 2c8c2b2f66..95b1de3abc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -30,7 +30,14 @@ ms.date: 04/16/2020 ## Onboard non-persistent virtual desktop infrastructure (VDI) machines -Microsoft Defender ATP supports non-persistent VDI session onboarding. There might be associated challenges when onboarding VDIs. The following are typical challenges for this scenario: +Microsoft Defender ATP supports non-persistent VDI session onboarding. + +>![Note] +>To onboard non-persistent VDI sessions your VDI machine must be on Windows 10. +> +>While other Windows versions might work, only Windows 10 is supported. + +There might be associated challenges when onboarding VDIs. The following are typical challenges for this scenario: - Instant early onboarding of a short-lived sessions, which must be onboarded to Microsoft Defender ATP prior to the actual provisioning. - The machine name is typically reused for new sessions. From bfa5a34d63054cbee62a1d2f1fc11a4578d8cbf3 Mon Sep 17 00:00:00 2001 
From: Sinead O'Sullivan Date: Tue, 9 Jun 2020 16:52:37 +0100 Subject: [PATCH 03/11] Update configure-endpoints-vdi.md --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index 95b1de3abc..306224120c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -33,7 +33,7 @@ ms.date: 04/16/2020 Microsoft Defender ATP supports non-persistent VDI session onboarding. >![Note] ->To onboard non-persistent VDI sessions your VDI machine must be on Windows 10. +>To onboard non-persistent VDI sessions, VDI machines must be on Windows 10. > >While other Windows versions might work, only Windows 10 is supported. From ae1ced0fb676eac8a43ccd78ae95ee20a87e2a40 Mon Sep 17 00:00:00 2001 From: Sinead O'Sullivan Date: Tue, 9 Jun 2020 17:48:02 +0100 Subject: [PATCH 04/11] Update configure-endpoints-vdi.md --- .../microsoft-defender-atp/configure-endpoints-vdi.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md index 306224120c..b640c52453 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-vdi.md @@ -32,7 +32,7 @@ ms.date: 04/16/2020 Microsoft Defender ATP supports non-persistent VDI session onboarding. ->![Note] +>[!Note] >To onboard non-persistent VDI sessions, VDI machines must be on Windows 10. > >While other Windows versions might work, only Windows 10 is supported. 
From 65e813b943293ad3f1721716a68767ca3435a2d9 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Tue, 9 Jun 2020 11:50:15 -0700 Subject: [PATCH 05/11] Update secure-surface-dock-ports-semm.md --- devices/surface/secure-surface-dock-ports-semm.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/devices/surface/secure-surface-dock-ports-semm.md b/devices/surface/secure-surface-dock-ports-semm.md index 0141a6dae1..dfd2d40c11 100644 --- a/devices/surface/secure-surface-dock-ports-semm.md +++ b/devices/surface/secure-surface-dock-ports-semm.md 
@@ -30,13 +30,15 @@ Managing Surface Dock 2 with SEMM is available for docks connected to Surface Bo >[!NOTE] >You can manage Surface Dock 2 ports only when the dock is connected to one of the following compatible devices: Surface Book 3, Surface Laptop 3, and Surface Pro 7. Any device that doesn't receive the UEFI Authenticated policy settings is inherently an unauthenticated device. -Restricting Surface Dock 2 to authorized persons signed into a corporate host device provides another layer of data protection. This ability to lock down Surface Dock 2 is critical for specific customers in highly secure environments who want the functionality and productivity benefits of the dock while maintaining compliance with strict security protocols. We anticipate SEMM used with Surface Dock 2 will be particularly useful in open offices and shared spaces especially for customers who want to lock USB ports for security reasons. +### Scenarios + +Restricting Surface Dock 2 to authorized persons signed into a corporate host device provides another layer of data protection. This ability to lock down Surface Dock 2 is critical for specific customers in highly secure environments who want the functionality and productivity benefits of the dock while maintaining compliance with strict security protocols. We anticipate SEMM used with Surface Dock 2 will be particularly useful in open offices and shared spaces especially for customers who want to lock USB ports for security reasons. For a video demo, check out [SEMM for Surface Dock 2](https://youtu.be/VLV19ISvq_s). ## Configuring and deploying UEFI settings for Surface Dock 2 This section provides step-by-step guidance for the following tasks: -1. Install **Surface UEFI Configurator**. +1. Install [**Surface UEFI Configurator**](https://www.microsoft.com/en-us/download/details.aspx?id=46703). 1. Create or obtain public key certificates. 1. Create an .MSI configuration package. 1. Add your certificates. 
From 0376676b047c05429f9df2ad62f8729ef5fa64da Mon Sep 17 00:00:00 2001 From: Dani Halfin Date: Tue, 9 Jun 2020 14:25:38 -0700 Subject: [PATCH 06/11] fixing redirect --- .openpublishing.redirection.json | Bin 2576176 -> 2576186 bytes windows/privacy/index.yml | 2 +- 2 files changed, 1 insertion(+), 1 deletion(-) diff --git a/.openpublishing.redirection.json b/.openpublishing.redirection.json index af5222988d92153d130950539faba798275c0555..ef2e397e5bfec17fd1858d9f948e661a6c8c7c31 100644 GIT binary patch delta 113 zcmWN=O$vfQ0Dw_U%ha;cQnONX{MpXddv$;oA9w^I$X)vuf*>wBTJzw2`?of!Pc# Date: Tue, 9 Jun 2020 15:45:34 -0700 Subject: [PATCH 07/11] minor tweak --- windows/deployment/index.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/index.yml b/windows/deployment/index.yml index 6e694f4e3b..70fa4b92c9 100644 --- a/windows/deployment/index.yml +++ b/windows/deployment/index.yml @@ -102,7 +102,7 @@ landingContent: # Card (optional) - title: Windows 10 resources linkLists: - - linkListType: learn + - linkListType: reference links: - text: Windows 10 release information url: https://docs.microsoft.com/windows/release-information/ From 6bf3d85f31d61efb25ea4ac33e0c2658abb31a10 Mon Sep 17 00:00:00 2001 From: Obi Eze Ajoku <62227226+linque1@users.noreply.github.com> Date: Tue, 9 Jun 2020 21:33:11 -0700 Subject: [PATCH 08/11] Corrected msftconnecttest to HTTP from HTTPS Corrected msftconnecttest to HTTP from HTTPS --- .../windows-endpoints-2004-non-enterprise-editions.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md b/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md index a224c93fd2..d0be97841e 100644 --- a/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md +++ b/windows/privacy/windows-endpoints-2004-non-enterprise-editions.md 
@@ -84,7 +84,7 @@ The following methodology was used to derive the network endpoints: |watson.telemetry.microsoft.com|HTTPS|Diagnostic Data |wdcp.microsoft.com|TLSv1.2|Used for Windows Defender when Cloud-based Protection is enabled |www.bing.com|TLSv1.2|Used for updates for Cortana, apps, and Live Tiles -|www.msftconnecttest.com|HTTPS|Network Connection (NCSI) +|www.msftconnecttest.com|HTTP|Network Connection (NCSI) |www.office.com|HTTPS|Microsoft Office @@ -144,7 +144,7 @@ The following methodology was used to derive the network endpoints: |watson.telemetry.microsoft.com|HTTPS|Diagnostic Data |wdcp.microsoft.com|TLSv1.2|Used for Windows Defender when Cloud-based Protection is enabled |www.bing.com|TLSv1.2|Used for updates for Cortana, apps, and Live Tiles -|www.msftconnecttest.com|HTTPS|Network Connection (NCSI) +|www.msftconnecttest.com|HTTP|Network Connection (NCSI) |www.msn.com|HTTPS|Network Connection (NCSI) |www.office.com|HTTPS|Microsoft Office @@ -198,6 +198,6 @@ The following methodology was used to derive the network endpoints: |wdcp.microsoft.com|TLSv1.2|Used for Windows Defender when Cloud-based Protection is enabled |www.bing.com|TLSv1.2|Used for updates for Cortana, apps, and Live Tiles |www.microsoft.com|HTTP|Connected User Experiences and Telemetry, Microsoft Data Management service -|www.msftconnecttest.com|HTTPS|Network Connection (NCSI) +|www.msftconnecttest.com|HTTP|Network Connection (NCSI) |www.office.com|HTTPS|Microsoft Office From 1a1d27ebdd07f50ce88880014bb59a2245340d01 Mon Sep 17 00:00:00 2001 From: Obi Eze Ajoku <62227226+linque1@users.noreply.github.com> Date: Tue, 9 Jun 2020 21:43:50 -0700 Subject: [PATCH 09/11] Corrected msftconnecttest to HTTP from HTTPS -ENT Corrected msftconnecttest to HTTP from HTTPS -ENT --- windows/privacy/manage-windows-2004-endpoints.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) 
diff --git a/windows/privacy/manage-windows-2004-endpoints.md b/windows/privacy/manage-windows-2004-endpoints.md index a8c5513c4e..75e9aa6738 100644 --- a/windows/privacy/manage-windows-2004-endpoints.md +++ b/windows/privacy/manage-windows-2004-endpoints.md @@ -12,7 +12,7 @@ ms.author: obezeajo manager: robsize ms.collection: M365-security-compliance ms.topic: article -ms.date: 5/11/2020 +ms.date: 6/9/2020 --- # Manage connection endpoints for Windows 10 Enterprise, version 2004 
@@ -80,7 +80,7 @@ The following methodology was used to derive these network endpoints: ||The following endpoints are used to communicate with Microsoft Store. If you turn off traffic for these endpoints, apps cannot be installed or updated from the Microsoft Store. |HTTP|*.dl.delivery.mp.microsoft.com| ||The following endpoint is used to get Microsoft Store analytics.|TLSv1.2|manage.devcenter.microsoft.com| |Network Connection Status Indicator (NCSI)|||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-ncsi)| -||Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet. If you turn off traffic for this endpoint, NCSI won't be able to determine if the device is connected to the Internet and the network status tray icon will show a warning.|HTTPS|www.msftconnecttest.com*| +||Network Connection Status Indicator (NCSI) detects Internet connectivity and corporate network connectivity status. NCSI sends a DNS request and HTTP query to this endpoint to determine if the device can communicate with the Internet. If you turn off traffic for this endpoint, NCSI won't be able to determine if the device is connected to the Internet and the network status tray icon will show a warning.|HTTP|www.msftconnecttest.com*| |Office|The following endpoints are used to connect to the Office 365 portal's shared infrastructure, including Office in a browser. For more info, see Office 365 URLs and IP address ranges. You can turn this off by removing all Microsoft Office apps and the Mail and Calendar apps. 
If you turn off traffic for these endpoints, users won't be able to save documents to the cloud or see their recently used documents.||[Learn how to turn off traffic to all of the following endpoint(s).](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#26-microsoft-store)| |||HTTPS|*ow1.res.office365.com| |||HTTPS|office.com| From d517a31d2d47a73830b0ed474bd9587bf51d3d58 Mon Sep 17 00:00:00 2001 From: Kurt Sarens <56369685+kurtsarens@users.noreply.github.com> Date: Wed, 10 Jun 2020 05:41:37 -0700 Subject: [PATCH 10/11] resubmit... replaced Windows with Microsoft --- .../collect-diagnostic-data.md | 20 +++++++++---------- ...ne-arguments-windows-defender-antivirus.md | 14 ++++++------- 2 files changed, 17 insertions(+), 17 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md index c3c1d2b052..195c50060b 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md +++ b/windows/security/threat-protection/windows-defender-antivirus/collect-diagnostic-data.md @@ -1,7 +1,7 @@ --- -title: Collect diagnostic data of Windows Defender Windows Defender Antivirus -description: Use a tool to collect data to troubleshoot Windows Defender Antivirus -keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, windows defender av +title: Collect diagnostic data of Microsoft Defender Antivirus +description: Use a tool to collect data to troubleshoot Microsoft Defender Antivirus +keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, Microsoft Defender av search.product: eADQiWindows 10XVcnh ms.pagetype: security ms.prod: w10 
@@ -17,13 +17,13 @@ ms.reviewer: manager: dansimp --- -# Collect Windows Defender AV diagnostic data +# Collect Microsoft Defender AV diagnostic data **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Windows Defender AV. +This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Microsoft Defender AV. On at least two devices that are experiencing the same issue, obtain the .cab diagnostic file by taking the following steps: @@ -35,10 +35,10 @@ On at least two devices that are experiencing the same issue, obtain the .cab di c. Enter administrator credentials or approve the prompt. -2. Navigate to the Windows Defender directory. By default, this is `C:\Program Files\Windows Defender`. +2. Navigate to the Microsoft Defender directory. By default, this is `C:\Program Files\Windows Defender`. > [!NOTE] -> If you're running an updated Windows Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`. +> If you're running an updated Microsoft Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`. 3. Type the following command, and then press **Enter** 
@@ -46,7 +46,7 @@ On at least two devices that are experiencing the same issue, obtain the .cab di mpcmdrun.exe -GetFiles ``` -4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Windows Defender\Support\MpSupportFiles.cab`. +4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Microsoft Defender\Support\MpSupportFiles.cab`. > [!NOTE] > To redirect the cab file to a a different path or UNC share, use the below command: @@ -58,7 +58,7 @@ On at least two devices that are experiencing the same issue, obtain the .cab di > [!NOTE] >If you have a problem with Update compliance, send an email using the Update Compliance support email template, and fill out the template with the following information: >``` -> I am encountering the following issue when using Windows Defender Antivirus in Update Compliance: +> I am encountering the following issue when using Microsoft Defender Antivirus in Update Compliance: > I have provided at least 2 support .cab files at the following location: > > @@ -93,5 +93,5 @@ When the SupportLogLocation parameter is used, a folder structure as below will ## See also -- [Troubleshoot Windows Defender Windows Defender Antivirus reporting](troubleshoot-reporting.md) +- [Troubleshoot Microsoft Defender Antivirus reporting](troubleshoot-reporting.md) diff --git a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md index 8a16818ba6..d2169a1969 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md 
+++ b/windows/security/threat-protection/windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md @@ -1,7 +1,7 @@ --- -title: Use the command line to manage Windows Defender Antivirus -description: Run Windows Defender Antivirus scans and configure next-generation protection with a dedicated command-line utility. -keywords: run windows defender scan, run antivirus scan from command line, run windows defender scan from command line, mpcmdrun, defender +title: Use the command line to manage Microsoft Defender Antivirus +description: Run Microsoft Defender Antivirus scans and configure next-generation protection with a dedicated command-line utility. +keywords: run Microsoft Defender scan, run antivirus scan from command line, run Microsoft Defender scan from command line, mpcmdrun, defender search.product: eADQiWindows 10XVcnh ms.pagetype: security ms.prod: w10 
@@ -16,18 +16,18 @@ ms.reviewer: ksarens manager: dansimp --- -# Configure and manage Windows Defender Antivirus with the mpcmdrun.exe command-line tool +# Configure and manage Microsoft Defender Antivirus with the mpcmdrun.exe command-line tool **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -You can perform various Windows Defender Antivirus functions with the dedicated command-line tool *mpcmdrun.exe*. This utility is useful when you want to automate Windows Defender Antivirus use. You can find the utility in `%ProgramFiles%\Windows Defender\MpCmdRun.exe`. You must run it from a command prompt. +You can perform various Microsoft Defender Antivirus functions with the dedicated command-line tool *mpcmdrun.exe*. This utility is useful when you want to automate Microsoft Defender Antivirus use. You can find the utility in `%ProgramFiles%\Windows Defender\MpCmdRun.exe`. You must run it from a command prompt. > [!NOTE] > You might need to open an administrator-level version of the command prompt. Right-click the item in the Start menu, click **Run as administrator** and click **Yes** at the permissions prompt. > -> If you're running an updated Windows Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`. +> If you're running an updated Microsoft Defender Platform version, please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\`. The utility has the following commands: 
@@ -60,4 +60,4 @@ MpCmdRun.exe -Scan -ScanType 2 - [Reference topics for collecting diagnostic data](collect-diagnostic-data.md) - [Reference topics for management and configuration tools](configuration-management-reference-windows-defender-antivirus.md) -- [Windows Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md) +- [Microsoft Defender Antivirus in Windows 10](windows-defender-antivirus-in-windows-10.md) From 1732ea7a3ba154eb5337fb9a0acf491098a77cfc Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 10 Jun 2020 08:48:10 -0700 Subject: [PATCH 11/11] Update collect-diagnostic-data.md --- .../microsoft-defender-antivirus/collect-diagnostic-data.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md index 08d45c281f..e366bb2066 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/collect-diagnostic-data.md @@ -12,7 +12,7 @@ ms.localizationpriority: medium author: denisebmsft ms.author: deniseb ms.custom: nextgen -ms.date: 06/01/2020 +ms.date: 06/10/2020 ms.reviewer: manager: dansimp ---
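Review bot: In [PATCH 01/11], the `devices/surface/get-started.yml` hunk drops the existing "Surface Enterprise Management Mode (SEMM)" entry (`surface-enterprise-management-mode.md`) from the how-to-guide list, while the subject line only mentions adding an article. The new Dock 2 article is itself about SEMM, so either keep the overview link next to the new one or state in the commit message that the replacement is intentional.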
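Review bot: In [PATCH 01/11], the note touched by the `secure-surface-dock-ports-semm.md` hunk tells readers to export the host authentication and provisioning certificates as .pfx files but gives no guidance on protecting them. A .pfx file carries the private key, so a sentence on setting an export password and restricting where the files are kept would fit directly after this note. The hunk header context also still reads "must have the doc CA", which looks like a typo for "dock CA" and could be fixed in the same pass.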
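Review bot: In [PATCH 02/11], the added alert in `configure-endpoints-vdi.md` opens with `>![Note]`, which is not the `>[!NOTE]` alert form used elsewhere in this series. The marker is only corrected in [PATCH 04/11], after the sentence is reworded in [PATCH 03/11]; squashing the three commits would avoid a broken intermediate state in history. The unchanged bullet "Instant early onboarding of a short-lived sessions" also has a stray "a".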
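Review bot: In [PATCH 05/11], the new Surface UEFI Configurator link in step 1 hard-codes the `en-us` locale (`https://www.microsoft.com/en-us/download/details.aspx?id=46703`), which sends readers of localized pages to the English download page. Drop the locale segment if the download site resolves without it. In the paragraph under the new "### Scenarios" heading, "shared spaces especially for customers" needs a comma before "especially".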
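Review bot: In [PATCH 06/11], `.openpublishing.redirection.json` is recorded as a GIT binary patch (`Bin 2576176 -> 2576186 bytes`), so the redirect that was changed cannot be read in review. Please name the source and target of the fixed redirect in the commit message, and check why git treats this JSON file as binary, since a text diff would make future redirect changes reviewable.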
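Review bot: In [PATCH 08/11], the second table hunk of `windows-endpoints-2004-non-enterprise-editions.md` leaves the neighbouring row `|www.msn.com|HTTPS|Network Connection (NCSI)` untouched; since this commit corrects the NCSI rows, please confirm that row's description and protocol are also right. The protocol column in all three hunks mixes "HTTPS" and "TLSv1.2" labels, so a one-line legend would help readers who build allow-lists from these tables.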
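Review bot: In [PATCH 09/11], the Office row directly below the corrected NCSI row in `manage-windows-2004-endpoints.md` links its "Learn how to turn off traffic" text to the `#26-microsoft-store` anchor, which looks copied from the Microsoft Store row. Since the table is being corrected anyway, please check that anchor. The NCSI endpoint is also written `www.msftconnecttest.com*` with a trailing asterisk here but without one in [PATCH 08/11]; pick one form.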
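Review bot: In [PATCH 10/11], the product rename has leaked into a file-system path in step 4 of `collect-diagnostic-data.md`: the default location now reads `C:\ProgramData\Microsoft\Microsoft Defender\Support\MpSupportFiles.cab`. The other paths in this patch (`C:\Program Files\Windows Defender`, `C:\ProgramData\Microsoft\Windows Defender\Platform\`) were left alone, so this one should stay `C:\ProgramData\Microsoft\Windows Defender\Support\MpSupportFiles.cab` unless the on-disk folder has actually changed. The context line "to a a different path" also has a doubled "a".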
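Review bot: In [PATCH 10/11], the `keywords:` line in `command-line-arguments-windows-defender-antivirus.md` replaces every "windows defender" term with "Microsoft Defender", which removes the name that readers of older material will still search for. Consider keeping the old terms alongside the new ones. The casing is also mixed now ("run Microsoft Defender scan" next to lowercase "mpcmdrun, defender").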