From d7072f6b3950fb3eb3eb3b12e59db698a8df35c4 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Wed, 26 Jun 2019 14:06:59 -0700 Subject: [PATCH 01/17] Updated sample syncml syntax --- windows/client-management/mdm/update-csp.md | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/update-csp.md b/windows/client-management/mdm/update-csp.md index 1c2165a735..6e160bf8ce 100644 --- a/windows/client-management/mdm/update-csp.md +++ b/windows/client-management/mdm/update-csp.md @@ -48,9 +48,10 @@ The following diagram shows the Update configuration service provider in tree fo

Supported operations are Get and Add.

Sample syncml: -

+ +``` ./Vendor/MSFT/Update/ApprovedUpdates/%7ba317dafe-baf4-453f-b232-a7075efae36e%7d - +``` **ApprovedUpdates/*Approved Update Guid*/ApprovedTime**

Specifies the time the update gets approved. From 14d1384b0e9fd1d25681d35281606bab068f84f0 Mon Sep 17 00:00:00 2001 From: lomayor Date: Wed, 26 Jun 2019 15:24:43 -0700 Subject: [PATCH 02/17] Update TOC.md --- .../security/threat-protection/microsoft-defender-atp/TOC.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/TOC.md b/windows/security/threat-protection/microsoft-defender-atp/TOC.md index c3b2acca81..9a760b5d35 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/TOC.md +++ b/windows/security/threat-protection/microsoft-defender-atp/TOC.md @@ -87,8 +87,6 @@ ### [Microsoft Threat Experts](microsoft-threat-experts.md) -### [Threat analytics](threat-analytics.md) - ### [Advanced hunting](overview-hunting.md) #### [Query data using Advanced hunting](advanced-hunting.md) ##### [Advanced hunting reference](advanced-hunting-reference.md) From abc0764ca238bc7a5aabdb39ccaf9db4eb99201a Mon Sep 17 00:00:00 2001 From: lomayor Date: Wed, 26 Jun 2019 15:31:33 -0700 Subject: [PATCH 03/17] Update TOC.md --- .../security/threat-protection/microsoft-defender-atp/TOC.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/TOC.md b/windows/security/threat-protection/microsoft-defender-atp/TOC.md index 9a760b5d35..bf0ab5deb3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/TOC.md +++ b/windows/security/threat-protection/microsoft-defender-atp/TOC.md @@ -92,7 +92,7 @@ ##### [Advanced hunting reference](advanced-hunting-reference.md) ##### [Advanced hunting query language best practices](advanced-hunting-best-practices.md) #### [Custom detections](overview-custom-detections.md) -#####[Create custom detections rules](custom-detection-rules.md) +##### [Create custom detections rules](custom-detection-rules.md) ### [Management and APIs](management-apis.md) #### [Understand threat intelligence concepts](threat-indicator-concepts.md) From 36522d75f9a381fd0974b5afd707505771eca76d Mon Sep 17 00:00:00 2001 From: lomayor Date: Wed, 26 Jun 2019 15:36:55 -0700 Subject: [PATCH 04/17] Update TOC.md --- .../microsoft-defender-atp/TOC.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/TOC.md b/windows/security/threat-protection/microsoft-defender-atp/TOC.md index bf0ab5deb3..18a83f92c4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/TOC.md +++ b/windows/security/threat-protection/microsoft-defender-atp/TOC.md @@ -122,7 +122,7 @@ ### [Assign user access to the portal](assign-portal-access.md) ### [Evaluate Microsoft Defender ATP](evaluate-atp.md) -####Evaluate attack surface reduction +#### Evaluate attack surface reduction ##### [Hardware-based isolation](../windows-defender-application-guard/test-scenarios-wd-app-guard.md) ##### [Application control](../windows-defender-application-control/audit-windows-defender-application-control-policies.md) ##### [Exploit protection](../windows-defender-exploit-guard/evaluate-exploit-protection.md) @@ -136,7 +136,7 @@ ## [Configure and manage capabilities](onboard.md) ### [Configure attack surface reduction](configure-attack-surface-reduction.md) -###Hardware-based isolation +### Hardware-based isolation #### [System integrity](../windows-defender-system-guard/system-guard-secure-launch-and-smm-protection.md) #### [Application isolation](../windows-defender-application-guard/install-wd-app-guard.md) ##### [Configuration settings](../windows-defender-application-guard/configure-wd-app-guard.md) @@ -366,7 +366,7 @@ ### Configure Microsoft Threat Protection integration #### [Configure Conditional Access](configure-conditional-access.md) #### [Configure Microsoft Cloud App Security in Windows](microsoft-cloud-app-security-config.md) -####[Configure information protection in Windows](information-protection-in-windows-config.md) +#### [Configure information protection in Windows](information-protection-in-windows-config.md) ### [Configure Microsoft Defender Security Center settings](preferences-setup.md) @@ -388,14 +388,14 @@ ##### [Enable Threat intel](enable-custom-ti.md) ##### [Enable SIEM integration](enable-siem-integration.md) -####Rules +#### Rules ##### [Manage suppression rules](manage-suppression-rules.md) ##### [Manage automation allowed/blocked lists](manage-automation-allowed-blocked-list.md) ##### [Manage indicators](manage-indicators.md) ##### [Manage automation file uploads](manage-automation-file-uploads.md) ##### [Manage automation folder exclusions](manage-automation-folder-exclusions.md) -####Machine management +#### Machine management ##### [Onboarding machines](onboard-configure.md) ##### [Offboarding machines](offboard-machines.md) @@ -404,7 +404,7 @@ ## [Troubleshoot Microsoft Defender ATP](troubleshoot-overview.md) -###Troubleshoot sensor state +### Troubleshoot sensor state #### [Check sensor state](check-sensor-status.md) #### [Fix unhealthy sensors](fix-unhealthy-sensors.md) #### [Inactive machines](fix-unhealthy-sensors.md#inactive-machines) @@ -414,7 +414,7 @@ ### [Troubleshoot Microsoft Defender ATP service issues](troubleshoot-mdatp.md) #### [Check service health](service-status.md) -###Troubleshoot attack surface reduction +### Troubleshoot attack surface reduction #### [Network protection](../windows-defender-exploit-guard/troubleshoot-np.md) #### [Attack surface reduction rules](../windows-defender-exploit-guard/troubleshoot-asr.md) #### [Collect diagnostic data for files](../windows-defender-exploit-guard/collect-cab-files-exploit-guard-submission.md) From c5420e040cafaf731b83d3fdd44b8a7d2aa00db7 Mon Sep 17 00:00:00 2001 From: ManikaDhiman Date: Wed, 26 Jun 2019 16:17:26 -0700 Subject: [PATCH 05/17] Removed bookmark of a deleted policy --- windows/client-management/mdm/policy-csp-accounts.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/windows/client-management/mdm/policy-csp-accounts.md b/windows/client-management/mdm/policy-csp-accounts.md index 12eb5d68db..25e17cdd51 100644 --- a/windows/client-management/mdm/policy-csp-accounts.md +++ b/windows/client-management/mdm/policy-csp-accounts.md @@ -30,10 +30,7 @@ manager: dansimp

Accounts/AllowMicrosoftAccountSignInAssistant
-
- Accounts/DomainNamesForEmailSync -
- +
From e0910471e5720fe8d96aad96aef1ed0fcf3acebd Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Wed, 26 Jun 2019 17:24:34 -0700 Subject: [PATCH 06/17] update some issues (#582) --- .../cat-windows-docs-pr - Shortcut.lnk | Bin 0 -> 962 bytes .../resolved-issues-windows-10-1703.yml | 2 ++ .../resolved-issues-windows-10-1709.yml | 2 ++ .../resolved-issues-windows-10-1803.yml | 2 ++ ...es-windows-10-1809-and-windows-server-2019.yml | 2 ++ ...us-windows-10-1607-and-windows-server-2016.yml | 6 ++---- .../status-windows-10-1703.yml | 8 ++++---- .../status-windows-10-1709.yml | 4 ++-- .../status-windows-10-1803.yml | 4 ++-- ...us-windows-10-1809-and-windows-server-2019.yml | 4 ++-- .../status-windows-10-1903.yml | 2 +- 11 files changed, 21 insertions(+), 15 deletions(-) create mode 100644 windows/release-information/cat-windows-docs-pr - Shortcut.lnk diff --git a/windows/release-information/cat-windows-docs-pr - Shortcut.lnk b/windows/release-information/cat-windows-docs-pr - Shortcut.lnk new file mode 100644 index 0000000000000000000000000000000000000000..1c599245a0e5186f30b167337f3571fb9b15e332 GIT binary patch literal 962 zcmeZaU|?VrVFHp23iE(Xs{$uo)MxRPI5Ae zFvtfy@V}t&$|_S}(G3m;Z3Bb3k_`H;Rxxlz2u1>fA(*q?k4;K|!8t!Sw^-LDKe?EJ z!Ht2Ffra7yzV&|9k|0?Na)GdzL6^Y=$W8{b7#O4& zs-WiI@LSa*z>u6+qFbJsmy%yzteXO~MYo`cAp&j>lN3l5$exM8AcN7p_WxTD(A-3Z z5}+OB44Djh3@JdH%E5MmSRgxf844JRfO?gHH~@%cpyq&RT_6Sle;^hFVrC$=^pTze z3T6gi@F092gUz7~tPFZU7y~8~fLeh17es*c0zpb@adt_5fv#ntVR1@HD#Mfx`z6M5 zQBE^E*p0TBb6+X$e|^w)#!JCXN;W}FS^Wis6n z_j-*bP@D^-0A!d55EC29qCmC$K+NC(A~w~4Q!26+N;*@eGgx4SummaryOriginating updateStatusDate resolved +
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >OS Build 15063.1839

May 28, 2019
KB4499162Resolved
KB4509476June 26, 2019
04:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >OS Build 15063.1868

June 11, 2019
KB4503279Resolved
KB4503289June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >OS Build 15063.1839

May 28, 2019
KB4499162Resolved
KB4503279June 11, 2019
10:00 AM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >OS Build 15063.1805

May 14, 2019
KB4499181Resolved
KB4505055May 19, 2019
02:00 PM PT @@ -63,6 +64,7 @@ sections: - type: markdown text: " +
DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499162. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509476.

Back to top		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4509476		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503289.

Back to top		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved
KB4503289		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503279.

Back to top		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4503279		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
diff --git a/windows/release-information/resolved-issues-windows-10-1709.yml b/windows/release-information/resolved-issues-windows-10-1709.yml index 38d3c78785..cc9dc8578b 100644 --- a/windows/release-information/resolved-issues-windows-10-1709.yml +++ b/windows/release-information/resolved-issues-windows-10-1709.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -65,6 +66,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4509477		June 26, 2019
04:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4503281		June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4503284		June 11, 2019
10:00 AM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >		OS Build 16299.1143

May 14, 2019
KB4498946		Resolved
KB4505062		May 19, 2019
02:00 PM PT
+
DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499147. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509477.

Back to top		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4509477		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503281.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4503281		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503284.

Back to top		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4503284		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
diff --git a/windows/release-information/resolved-issues-windows-10-1803.yml b/windows/release-information/resolved-issues-windows-10-1803.yml index ae7d8ff09a..d68cf6db85 100644 --- a/windows/release-information/resolved-issues-windows-10-1803.yml +++ b/windows/release-information/resolved-issues-windows-10-1803.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -65,6 +66,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		June 26, 2019
04:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4503288		June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4503286		June 11, 2019
10:00 AM PT
Unable to access some gov.uk websites
gov.uk websites that don’t support “HSTS” may not be accessible

See details >		OS Build 17134.765

May 14, 2019
KB4499167		Resolved
KB4505064		May 19, 2019
02:00 PM PT
+
DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499183. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509478.

Back to top		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503288.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4503288		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503286.

Back to top		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4503286		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
diff --git a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml index e0eab68c77..95d9adad11 100644 --- a/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml @@ -32,6 +32,7 @@ sections: - type: markdown text: " + @@ -77,6 +78,7 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusDate resolved
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		June 26, 2019
04:00 PM PT
Devices with Realtek Bluetooth radios drivers may not pair or connect as expected
Devices with some Realtek Bluetooth radios drivers, in some circumstances, may have issues pairing or connecting to devices.

See details >		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
KB4501371		June 18, 2019
02:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4501371		June 18, 2019
02:00 PM PT
Printing from Microsoft Edge or other UWP apps may result in the error 0x80070007
Attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) apps, you may receive an error.

See details >		OS Build 17763.379

March 12, 2019
KB4489899		Resolved
KB4501371		June 18, 2019
02:00 PM PT
+ diff --git a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml index 74ca531bab..02732e5e58 100644 --- a/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml +++ b/windows/release-information/status-windows-10-1607-and-windows-server-2016.yml @@ -61,7 +61,7 @@ sections: text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4497934. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509479.

Back to top		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Devices with Realtek Bluetooth radios drivers may not pair or connect as expected
In some circumstances, devices with Realtek Bluetooth radios may have issues pairing or connecting to Bluetooth devices due to a driver issue.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server 2019
Resolution: This issue was resolved in KB4501371.

Back to top		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 14, 2019
05:45 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4501371.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503327.

Back to top		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4503327		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
- + @@ -70,7 +70,6 @@ sections: -
SummaryOriginating updateStatusLast updated
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 14393.2999

May 23, 2019
KB4499177		Investigating
June 21, 2019
10:08 AM PT
Devices with Hyper-V enabled may see BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000

See details >		OS Build 14393.2969

May 14, 2019
KB4494440		Mitigated
June 21, 2019
05:23 PM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000

See details >		OS Build 14393.2969

May 14, 2019
KB4494440		Mitigated
June 24, 2019
10:46 AM PT
Some applications may fail to run as expected on clients of AD FS 2016
Some applications may fail to run as expected on clients of Active Directory Federation Services 2016 (AD FS 2016)

See details >		OS Build 14393.2941

April 25, 2019
KB4493473		Mitigated
June 07, 2019
04:25 PM PT
Cluster service may fail if the minimum password length is set to greater than 14
The cluster service may fail to start with the error “2245 (NERR_PasswordTooShort)” if the Group Policy “Minimum Password Length” is configured with greater than 14 characters.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
SCVMM cannot enumerate and manage logical switches deployed on the host
For hosts managed by System Center Virtual Machine Manager (VMM), VMM cannot enumerate and manage logical switches deployed on the host.

See details >		OS Build 14393.2639

November 27, 2018
KB4467684		Mitigated
April 25, 2019
02:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 14393.3025

June 11, 2019
KB4503267		Resolved
KB4503294		June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >		OS Build 14393.2999

May 23, 2019
KB4499177		Resolved
KB4503267		June 11, 2019
10:00 AM PT
Issue using PXE to start a device from WDS
There may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension.

See details >		OS Build 14393.2848

March 12, 2019
KB4489882		Resolved
KB4503267		June 11, 2019
10:00 AM PT
Update not showing as applicable through WSUS or SCCM or when manually installed
Update not showing as applicable through WSUS or SCCM or when manually installed

See details >		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4498947		May 14, 2019
10:00 AM PT
" @@ -98,8 +97,7 @@ sections: - type: markdown text: " - - +
DetailsOriginating updateStatusHistory
Devices with Hyper-V enabled may see BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4494440 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Workaround: If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:
  1. Retrieve the 48 digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.
  2. From the recovery screen, press the enter key and enter the recovery password when prompted.
  3. If your device starts in the Windows Recovery Environment and asks for recovery key again, select Skip the drive to continue to WinRE.
  4. select Advanced options then Troubleshoot then Advanced options then Command Prompt.
  5. Unlock OS drive using the command: Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
  6. Suspend BitLocker using the command: Manage-bde -protectors -disable c:
  7. Exit the command window using the command: exit
  8. Select Continue from recovery environment.
  9. The device should now start Windows.
  10. Once started, launch an Administrator Command Prompt and resume the BitLocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:
Note The workaround needs to be followed on every system restart unless BitLocker is suspended before restarting.

To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: Manage-bde -protectors -disable c: -rc 1
Note This command will suspend BitLocker for 1 restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.2969

May 14, 2019
KB4494440		Mitigated
Last updated:
June 21, 2019
05:23 PM PT

Opened:
May 21, 2019
08:50 AM PT
Update not showing as applicable through WSUS or SCCM or when manually installed
KB4494440 or later updates may not show as applicable through WSUS or SCCM to the affected platforms. When manually installing the standalone update from Microsoft Update Catalog, it may fail to install with the error, \"The update is not applicable to your computer.\"


Affected platforms:
  • Client: Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016

Resolution: The servicing stack update (SSU) (KB4498947) must be installed before installing the latest cumulative update (LCU). The LCU will not be reported as applicable until the SSU is installed. For more information, see Servicing stack updates.

Back to top		OS Build 14393.2969

May 14, 2019
KB4494440		Resolved
KB4498947		Resolved:
May 14, 2019
10:00 AM PT

Opened:
May 24, 2019
04:20 PM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4494440 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Workaround: If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:
  1. Retrieve the 48-digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.
  2. From the recovery screen, press the enter key and enter the recovery password when prompted.
  3. If your device starts in the Windows Recovery Environment and asks for recovery key again, select Skip the drive to continue to WinRE.
  4. Select Advanced options then Troubleshoot then Advanced options then Command Prompt.
  5. Unlock drive using the command: Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
  6. Suspend BitLocker using the command: Manage-bde -protectors -disable c:
  7. Exit the command window using the command: exit
  8. Select Continue from recovery environment.
  9. The device should now start Windows.
  10. Once started, launch an elevated Command Prompt (i.e. run Command Prompt as administrator) and resume the BitLocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:
Note The steps in this workaround need to be followed on every system start unless BitLocker is suspended before restarting.

To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: Manage-bde -protectors -disable c: -rc 1
Note This command will suspend BitLocker for one restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 14393.2969

May 14, 2019
KB4494440		Mitigated
Last updated:
June 24, 2019
10:46 AM PT

Opened:
May 21, 2019
08:50 AM PT
" diff --git a/windows/release-information/status-windows-10-1703.yml b/windows/release-information/status-windows-10-1703.yml index 5b45e36e2d..f16e1f1264 100644 --- a/windows/release-information/status-windows-10-1703.yml +++ b/windows/release-information/status-windows-10-1703.yml @@ -60,9 +60,9 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- - + +
SummaryOriginating updateStatusLast updated
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 15063.1839

May 28, 2019
KB4499162		Investigating
June 21, 2019
10:08 AM PT
Devices with Hyper-V enabled may see BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000

See details >		OS Build 15063.1805

May 14, 2019
KB4499181		Mitigated
June 21, 2019
05:23 PM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may start into BitLocker recovery with error 0xC0210000

See details >		OS Build 15063.1805

May 14, 2019
KB4499181		Mitigated
June 24, 2019
10:46 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 15063.1563

January 08, 2019
KB4480973		Mitigated
April 25, 2019
02:00 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4509476		June 26, 2019
04:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved
KB4503289		June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4503279		June 11, 2019
10:00 AM PT
@@ -80,7 +80,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499162. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Next Steps: Microsoft is working on a resolution and will provide an update as quickly as possible.

Back to top		OS Build 15063.1839

May 28, 2019
KB4499162		Investigating
Last updated:
June 21, 2019
10:08 AM PT

Opened:
June 20, 2019
04:46 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499162. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509476.

Back to top		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4509476		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503289.

Back to top		OS Build 15063.1868

June 11, 2019
KB4503279		Resolved
KB4503289		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503279.

Back to top		OS Build 15063.1839

May 28, 2019
KB4499162		Resolved
KB4503279		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
@@ -91,7 +91,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Devices with Hyper-V enabled may see BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4499181 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Workaround: If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:
  1. Retrieve the 48 digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.
  2. From the recovery screen, press the enter key and enter the recovery password when prompted.
  3. If your device starts in the Windows Recovery Environment and asks for recovery key again, select Skip the drive to continue to WinRE.
  4. select Advanced options then Troubleshoot then Advanced options then Command Prompt.
  5. Unlock OS drive using the command: Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
  6. Suspend BitLocker using the command: Manage-bde -protectors -disable c:
  7. Exit the command window using the command: exit
  8. Select Continue from recovery environment.
  9. The device should now start Windows.
  10. Once started, launch an Administrator Command Prompt and resume the BitLocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:
Note The workaround needs to be followed on every system restart unless BitLocker is suspended before restarting.

To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: Manage-bde -protectors -disable c: -rc 1
Note This command will suspend BitLocker for 1 restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 15063.1805

May 14, 2019
KB4499181		Mitigated
Last updated:
June 21, 2019
05:23 PM PT

Opened:
May 21, 2019
08:50 AM PT
Devices with Hyper-V enabled may receive BitLocker error 0xC0210000
Some devices with Hyper-V enabled may enter BitLocker recovery mode and receive an error, \"0xC0210000\" after installing KB4499181 and restarting.

Affected platforms:
  • Client: Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2016
Workaround: If your device is already in this state, you can successfully start Windows after suspending BitLocker from the Windows Recovery Environment (WinRE) using the following steps:
  1. Retrieve the 48-digit BitLocker recovery password for the OS volume from your organization's portal or from wherever the key was stored when BitLocker was first enabled.
  2. From the recovery screen, press the enter key and enter the recovery password when prompted.
  3. If your device starts in the Windows Recovery Environment and asks for recovery key again, select Skip the drive to continue to WinRE.
  4. Select Advanced options then Troubleshoot then Advanced options then Command Prompt.
  5. Unlock drive using the command: Manage-bde -unlock c: -rp <48 digit numerical recovery password separated by “-“ in 6 digit group>
  6. Suspend BitLocker using the command: Manage-bde -protectors -disable c:
  7. Exit the command window using the command: exit
  8. Select Continue from recovery environment.
  9. The device should now start Windows.
  10. Once started, launch an elevated Command Prompt (i.e. run Command Prompt as administrator) and resume the BitLocker to ensure the system remains protected, using the command: Manage-bde -protectors -enable c:
Note The steps in this workaround need to be followed on every system start unless BitLocker is suspended before restarting.

To prevent this issue, execute the following command to temporarily suspend BitLocker just before restarting the system: Manage-bde -protectors -disable c: -rc 1
Note This command will suspend BitLocker for one restart of the device (-rc 1 option only works inside OS and does not work from recovery environment).

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 15063.1805

May 14, 2019
KB4499181		Mitigated
Last updated:
June 24, 2019
10:46 AM PT

Opened:
May 21, 2019
08:50 AM PT
" diff --git a/windows/release-information/status-windows-10-1709.yml b/windows/release-information/status-windows-10-1709.yml index 6187c0b9bb..94dd18ce88 100644 --- a/windows/release-information/status-windows-10-1709.yml +++ b/windows/release-information/status-windows-10-1709.yml @@ -60,8 +60,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- +
SummaryOriginating updateStatusLast updated
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 16299.1182

May 28, 2019
KB4499147		Investigating
June 21, 2019
10:08 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 16299.904

January 08, 2019
KB4480978		Mitigated
April 25, 2019
02:00 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4509477		June 26, 2019
04:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4503281		June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4503284		June 11, 2019
10:00 AM PT
@@ -79,7 +79,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499147. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Next Steps: Microsoft is working on a resolution and will provide an update as quickly as possible.

Back to top		OS Build 16299.1182

May 28, 2019
KB4499147		Investigating
Last updated:
June 21, 2019
10:08 AM PT

Opened:
June 20, 2019
04:46 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499147. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509477.

Back to top		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4509477		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503281.

Back to top		OS Build 16299.1217

June 11, 2019
KB4503284		Resolved
KB4503281		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503284.

Back to top		OS Build 16299.1182

May 28, 2019
KB4499147		Resolved
KB4503284		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
diff --git a/windows/release-information/status-windows-10-1803.yml b/windows/release-information/status-windows-10-1803.yml index a5ed80857f..1f5acbbcbd 100644 --- a/windows/release-information/status-windows-10-1803.yml +++ b/windows/release-information/status-windows-10-1803.yml @@ -60,9 +60,9 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- +
SummaryOriginating updateStatusLast updated
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Investigating
June 21, 2019
10:08 AM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
June 14, 2019
04:41 PM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 17134.523

January 08, 2019
KB4480966		Mitigated
April 25, 2019
02:00 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		June 26, 2019
04:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4503288		June 18, 2019
02:00 PM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

See details >		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4503286		June 11, 2019
10:00 AM PT
@@ -80,8 +80,8 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499183. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Next Steps: Microsoft is working on a resolution and will provide an update as quickly as possible.

Back to top		OS Build 17134.799

May 21, 2019
KB4499183		Investigating
Last updated:
June 21, 2019
10:08 AM PT

Opened:
June 20, 2019
04:46 PM PT
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4499183. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509478.

Back to top		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4509478		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4503288.

Back to top		OS Build 17134.829

June 11, 2019
KB4503286		Resolved
KB4503288		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503286.

Back to top		OS Build 17134.799

May 21, 2019
KB4499183		Resolved
KB4503286		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
diff --git a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml index 47564591eb..4227882d72 100644 --- a/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml +++ b/windows/release-information/status-windows-10-1809-and-windows-server-2019.yml @@ -65,10 +65,10 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

- + @@ -89,8 +89,8 @@ sections: - type: markdown text: "
SummaryOriginating updateStatusLast updated
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17763.529

May 21, 2019
KB4497934		Investigating
June 21, 2019
10:08 AM PT
Startup to a black screen after installing updates
Your device may startup to a black screen during the first logon after installing updates.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
June 14, 2019
04:41 PM PT
Devices with some Asian language packs installed may receive an error
After installing the KB4493509 devices with some Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_F

See details >		OS Build 17763.437

April 09, 2019
KB4493509		Mitigated
May 03, 2019
10:59 AM PT
Certain operations performed on a Cluster Shared Volume may fail
Certain operations, such as rename, performed on files or folders on a Cluster Shared Volume (CSV) may fail with the error, \"STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5)\".

See details >		OS Build 17763.253

January 08, 2019
KB4480116		Mitigated
April 09, 2019
10:00 AM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have difficulty connecting to some Storage Area Network (SAN) devices that leverage iSCSI.

See details >		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		June 26, 2019
04:00 PM PT
Devices with Realtek Bluetooth radios drivers may not pair or connect as expected
Devices with some Realtek Bluetooth radios drivers, in some circumstances, may have issues pairing or connecting to devices.

See details >		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
KB4501371		June 18, 2019
02:00 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view or create Custom Views in Event Viewer, you may receive an error and the app may stop responding or close.

See details >		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4501371		June 18, 2019
02:00 PM PT
Printing from Microsoft Edge or other UWP apps may result in the error 0x80070007
Attempting to print from Microsoft Edge or other Universal Windows Platform (UWP) apps, you may receive an error.

See details >		OS Build 17763.379

March 12, 2019
KB4489899		Resolved
KB4501371		June 18, 2019
02:00 PM PT
- + diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index b4cca0b008..22bd0cf8e0 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -21,7 +21,7 @@ sections: Find information on known issues for Windows 10, version 1903 and Windows Server, version 1903. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s).
DetailsOriginating updateStatusHistory
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4497934. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Next Steps: Microsoft is working on a resolution and will provide an update as quickly as possible.

Back to top		OS Build 17763.529

May 21, 2019
KB4497934		Investigating
Last updated:
June 21, 2019
10:08 AM PT

Opened:
June 20, 2019
04:46 PM PT
Startup to a black screen after installing updates
We are investigating reports that a small number of devices may startup to a black screen during the first logon after installing updates.


Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803
  • Server: Windows Server 2019
Workaround: To mitigate this issue, press Ctrl+Alt+Delete, then select the Power button in the lower right corner of the screen and select Restart. Your device should now restart normally.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Mitigated
Last updated:
June 14, 2019
04:41 PM PT

Opened:
June 14, 2019
04:41 PM PT
Difficulty connecting to some iSCSI-based SANs
Devices may have issues connecting to some Storage Area Network (SAN) devices using Internet Small Computer System Interface (iSCSI) after installing KB4497934. You may also receive an error in the System log section of Event Viewer with Event ID 43 from iScsiPrt and a description of “Target failed to respond in time for a login request.”

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4509479.

Back to top		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4509479		Resolved:
June 26, 2019
04:00 PM PT

Opened:
June 20, 2019
04:46 PM PT
Devices with Realtek Bluetooth radios drivers may not pair or connect as expected
In some circumstances, devices with Realtek Bluetooth radios may have issues pairing or connecting to Bluetooth devices due to a driver issue.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019
  • Server: Windows Server 2019
Resolution: This issue was resolved in KB4501371.

Back to top		OS Build 17763.503

May 14, 2019
KB4494441		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 14, 2019
05:45 PM PT
Event Viewer may close or you may receive an error when using Custom Views
When trying to expand, view, or create Custom Views in Event Viewer, you may receive the error, \"MMC has detected an error in a snap-in and will unload it.\" and the app may stop responding or close. You may also receive the same error when using Filter Current Log in the Action menu with built-in views or logs. Built-in views and other features of Event Viewer should work as expected.

Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server 2019; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2
Resolution: This issue was resolved in KB4501371.

Back to top		OS Build 17763.557

June 11, 2019
KB4503327		Resolved
KB4501371		Resolved:
June 18, 2019
02:00 PM PT

Opened:
June 12, 2019
11:11 AM PT
Opening Internet Explorer 11 may fail
Internet Explorer 11 may fail to open if Default Search Provider is not set or is malformed.

Affected platforms:
  • Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607
  • Server: Windows Server 2019; Windows Server 2016
Resolution: This issue was resolved in KB4503327.

Back to top		OS Build 17763.529

May 21, 2019
KB4497934		Resolved
KB4503327		Resolved:
June 11, 2019
10:00 AM PT

Opened:
June 05, 2019
05:49 PM PT
-
Current status as of June 18, 2019:
+		Current status:
Windows 10, version 1903 is available for any user who manually selects “Check for updates” via Windows Update for all devices that do not have a safeguard hold. If you are not offered the update, please check below for any known issues that may affect your device. The recommended servicing status is Semi-Annual Channel.

We are now beginning to build and train the machine learning (ML) based rollout process to update devices running the April 2018 Update, and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates and improvements.

Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard.
From 7cb34281c45dc002e838abfab5aa2354e8c52335 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 26 Jun 2019 17:32:12 -0700 Subject: [PATCH 07/17] Updates for GA --- ...osoft-defender-atp-mac-install-manually.md | 3 - ...ft-defender-atp-mac-install-with-intune.md | 3 - ...soft-defender-atp-mac-install-with-jamf.md | 5 +- ...defender-atp-mac-install-with-other-mdm.md | 3 - .../microsoft-defender-atp-mac-resources.md | 7 +- .../microsoft-defender-atp-mac-updates.md | 138 ++++++++++++++++++ .../microsoft-defender-atp-mac.md | 89 +++++------ 7 files changed, 186 insertions(+), 62 deletions(-) create mode 100644 windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md index da0118cedb..48d8ae0a1d 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md @@ -24,9 +24,6 @@ ms.topic: conceptual [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) ->[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. - ## Prerequisites and system requirements Before you get started, please see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md index 4a6531ad42..4e8fddc25d 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md @@ -24,9 +24,6 @@ ms.topic: conceptual [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) ->[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. - ## Prerequisites and system requirements Before you get started, please see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index a0c446dd3f..25181a255a 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md @@ -24,9 +24,6 @@ ms.topic: conceptual [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) ->[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. - ## Prerequisites and system requirements Before you get started, please see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. @@ -76,7 +73,7 @@ To set the onboarding information, add a property list file with the name, _jamf >[!IMPORTANT] > You must set the Preference Domain as "com.microsoft.wdav.atp" - ![Configuration profile screenshot](images/MDATP_16_PreferenceDomain.png) +![Configuration profile screenshot](images/MDATP_16_PreferenceDomain.png) ### Approved Kernel Extension diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md index f994a4d7d4..6823f8a169 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md @@ -22,9 +22,6 @@ ms.topic: conceptual **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) ->[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. - ## Prerequisites and system requirements Before you get started, please see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md index 123a3b333f..5eeba44f41 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md @@ -24,9 +24,6 @@ ms.topic: conceptual [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) ->[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. - ## Collecting diagnostic information If you can reproduce a problem, please increase the logging level, run the system for some time, and restore the logging level to the default. @@ -70,7 +67,7 @@ The detailed log will be saved to /Library/Logs/Microsoft/mdatp/install.log. If We distribute our updates via Microsoft Auto Update (MAU). You can check for MAU settings in main application's menu (Help => Check For Product Updates...): - ![MAU screenshot](images/MDATP_34_MAU.png) +![MAU screenshot](images/MDATP_34_MAU.png) **Q**: Can MDATP for Mac be updated without MAU? @@ -133,7 +130,5 @@ In the Microsoft Defender ATP portal, you'll see two categories of information: ## Known issues -- Not fully optimized for performance or disk space yet. - Full Microsoft Defender ATP integration is not available yet. -- Mac devices that switch networks may appear multiple times in the Microsoft Defender ATP portal. - Centrally managed uninstall via Intune is still in development. As an alternative, manually uninstall Microsoft Defender ATP for Mac from each client device. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md new file mode 100644 index 0000000000..e7a654f1ca --- /dev/null +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md @@ -0,0 +1,138 @@ +--- +title: Deploy updates for Microsoft Defender ATP for Mac +ms.reviewer: +description: Describes how to control updates for Microsoft Defender ATP for Mac in enterprise environments. +keywords: microsoft, defender, atp, mac, updates, deploy +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: security +ms.author: dansimp +author: dansimp +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual +--- + +# Deploy updates for Microsoft Defender ATP for Mac + +Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. + +To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. By default, MAU automatically checks for updates daily, but you can change that to weekly, monthly, or manually. + +If you decide to deploy updates by using your software distribution tools, you should configure MAU to manually check for software updates. You can deploy preferences to configure how and when MAU checks for updates for the Macs in your organization. + +## Use msupdate + +MAU includes a command line tool, called *msupdate*, that is designed for IT administrators so that they have more precise control over when updates are applied. Instructions for how to use this tool can be found in [Update Office for Mac by using msupdate](https://docs.microsoft.com/en-us/deployoffice/mac/update-office-for-mac-using-msupdate). + +In MAU, the application identifier for Microsoft Defender ATP for Mac is *WDAV00*. To download and install the latest updates for Microsoft Defender ATP for Mac, execute the following command from a Terminal window: + +``` +./msupdate --install --apps wdav00 +``` + +## Set preferences for Microsoft AutoUpdate + +This section describes the most common preferences that can be used to configure MAU. These settings can be deployed as a configuration profile through the management console that your enterprise is using. An example of a configuration profile is shown in the following sections. + +### Set the channel name + +The channel determines the type and frequency of updates that are offered through MAU. Devices in `InsiderFast` (corresponding to the Insider Fast channel) can try out new features before devices in `External` (corresponding to the Insider Slow channel) and `Production`. + +The `Production` channel contains the most stable version of the product. + +>[!TIP] +>Microsoft recommends keeping some devices in your enterprise either in `InsiderFast` or `External` in order to preview new features and provide early feedback. + +||| +|:---|:---| +| **Domain** | com.microsoft.autoupdate2 | +| **Key** | ChannelName | +| **Data type** | String | +| **Possible values** | InsiderFast
External
Production | + +### Set update check frequency + +Change how often MAU searches for updates. + +||| +|:---|:---| +| **Domain** | com.microsoft.autoupdate2 | +| **Key** | UpdateCheckFrequency | +| **Data type** | Integer | +| **Default value** | 720 (minutes) | +| **Comment** | This value is set in minutes. | + +### Change how MAU interacts with updates + +Change how MAU searches for updates. + +||| +|:---|:---| +| **Domain** | com.microsoft.autoupdate2 | +| **Key** | HowToCheck | +| **Data type** | String | +| **Possible values** | Manual
AutomaticCheck
AutomaticDownload | +| **Comment** | Note that AutomaticDownload will do a download and install silently if possible. | + +### Disable Insider checkbox + +Set to true to make the "Join the Office Insider Program..." checkbox unavailable / greyed out to users. + +||| +|:---|:---| +| **Domain** | com.microsoft.autoupdate2 | +| **Key** | DisableInsiderCheckbox | +| **Data type** | Boolean | +| **Possible values** | False (default)
True | + +### Limit the telemetry that is sent from MAU + +Set to false to send minimal heartbeat data, no application usage, and no environment details. + +||| +|:---|:---| +| **Domain** | com.microsoft.autoupdate2 | +| **Key** | SendAllTelemetryEnabled | +| **Data type** | Boolean | +| **Possible values** | True (default)
False | + +## Example configuration profile + +The following configuration profile is used to: +- Place the device in the Insider Fast channel +- Automatically download and install updates +- Enable the "Check for updates" button in the user interface +- Allow users on the device to enroll into the Insider channels + +```XML + + + + + ChannelName + InsiderFast + HowToCheck + AutomaticDownload + EnableCheckForUpdatesButton + + DisableInsiderCheckbox + + SendAllTelemetryEnabled + + + +``` + +To configure MAU, you can deploy this configuration profile from the management tool that your enterprise is using: +- From JAMF, upload this configuration profile and set the Preference Domain to *com.microsoft.autoupdate2*. +- From Intune, upload this configuration profile and set the custom configuration profile name to *com.microsoft.autoupdate2*. + +## Resources + +- [msupdate reference](https://docs.microsoft.com/en-us/deployoffice/mac/update-office-for-mac-using-msupdate) \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index 79866deb5d..b750939cae 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -20,58 +20,33 @@ ms.topic: conceptual # Microsoft Defender Advanced Threat Protection for Mac ->[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. +This topic describes how to install, configure, update, and use Microsoft Defender ATP for Mac. -This topic describes how to install and use Microsoft Defender ATP for Mac. +> [!CAUTION] +> Running other third-party endpoint protection products alongside Microsoft Defender ATP for Mac may lead to performance problems and unpredictable side effects. -## What’s new in the public preview +## What’s new in the latest release -Since opening the limited preview, we've been working non-stop to enhance the product, by listening to customer feedback. We've reduced the time it takes for devices to appear in Microsoft Defender Security Center, immediately following deployment. We've improved threat handling, enhanced the user experience, and fixed bugs. Other updates to Microsoft Defender ATP for Mac include: +Since opening the public preview, we've been working non-stop to enhance the product, by listening to customer feedback. We've added management features and more granular controls for diagnostic data collection, refined the user experience, and fixed bugs. -- Enhanced accessibility -- Improved performance -- improved client product health monitoring -- Localization into 37 languages -- Improved anti-tampering protections -- Feedback and samples can now be submitted via the interface. -- Product health can be queried with JAMF or the command line. -- Admins can set their cloud preference for any location, not just for those in the US. +If you have any feedback, please submit it to us by opening Microsoft Defender ATP for Mac on your device and navigating to **Help** > **Send feedback**. -## Installing and configuring - -There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac. - -In general you'll need to take the following steps: - -- Ensure you have a Microsoft Defender ATP subscription and have access to the Microsoft Defender ATP Portal -- Deploy Microsoft Defender ATP for Mac using one of the following deployment methods: - - Via the command line tool: - - [Manual deployment](microsoft-defender-atp-mac-install-manually.md) - - Via third party tools: - - [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md) - - [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md) - - [Other MDM products](microsoft-defender-atp-mac-install-with-other-mdm.md) - -Whichever method you choose, you will first need to visit the onboarding page in the Microsoft Defender ATP portal. - -Once installed, you can configure the product in your enterprise using the steps in [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md). +## How to install Microsoft Defender ATP for Mac ### Prerequisites -You should have beginner-level experience in macOS and BASH scripting. You must have administrative privileges on the machine. +- You must have a Microsoft Defender ATP subscription. +- You must have access to the Microsoft Defender Security Center portal. +- You should have beginner-level experience in macOS and BASH scripting. +- If doing a manual deployment, you must have administrative privileges on the machine. -You should also have access to Microsoft Defender Security Center. - -### System Requirements - -- macOS version: 10.14 (Mojave), 10.13 (High Sierra), 10.12 (Sierra) -- Disk space during preview: 1GB - -Beta versions of macOS are not supported. +### System requirements > [!CAUTION] -> Running other third-party endpoint protection alongside Microsoft Defender ATP for Mac may lead to performance problems and unpredictable side effects. +> The three most recent released versions of macOS are supported. Beta versions of macOS are not supported. + +- macOS version: 10.14 (Mojave), 10.13 (High Sierra), 10.12 (Sierra) +- Disk space: 1GB After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints. @@ -96,8 +71,36 @@ The output from this command should look like this: > `OK https://cdn.x.cp.wd.microsoft.com/ping` -We recommend that you keep [System Integrity Protection](https://support.apple.com/en-us/HT204899) (SIP) enabled on client machines. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default. +> [!CAUTION] +> We recommend that you keep [System Integrity Protection](https://support.apple.com/en-us/HT204899) (SIP) enabled on client machines. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default. + +### Installation instructions + +There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac. + +In general you'll need to take the following steps: + +- Ensure you have a Microsoft Defender ATP subscription and have access to the Microsoft Defender ATP Portal +- Deploy Microsoft Defender ATP for Mac using one of the following deployment methods: + - Via third party management tools: + - [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md) + - [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md) + - [Other MDM products](microsoft-defender-atp-mac-install-with-other-mdm.md) + - Via the command line tool: + - [Manual deployment](microsoft-defender-atp-mac-install-manually.md) + +## How to configure Microsoft Defender ATP for Mac + +Guidance for how to configure the product in enterprise environments is available in [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md). + +## How to update Microsoft Defender ATP for Mac + +Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. + +To read more on how to configure MAU in enterprise environments, refer to [Deploy updates for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-updates.md) ## Resources -For additional information about logging, uninstalling, or known issues, see our [Resources](microsoft-defender-atp-mac-resources.md) page. +- For additional information about logging, uninstalling, or known issues, see our [Resources](microsoft-defender-atp-mac-resources.md) page. + +- [Privacy for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-privacy.md) From 50da0337fc0c64014215cdc0a80f5de61f44f117 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Wed, 26 Jun 2019 17:42:53 -0700 Subject: [PATCH 08/17] Add date time in 1903 current status (#583) --- windows/release-information/status-windows-10-1903.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 22bd0cf8e0..b4cca0b008 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -21,7 +21,7 @@ sections: Find information on known issues for Windows 10, version 1903 and Windows Server, version 1903. Looking for a specific issue? Press CTRL + F (or Command + F if you are using a Mac) and enter your search term(s). -
Current status:
+		Current status as of June 18, 2019:
Windows 10, version 1903 is available for any user who manually selects “Check for updates” via Windows Update for all devices that do not have a safeguard hold. If you are not offered the update, please check below for any known issues that may affect your device. The recommended servicing status is Semi-Annual Channel.

We are now beginning to build and train the machine learning (ML) based rollout process to update devices running the April 2018 Update, and earlier versions of Windows 10, to ensure we can continue to service these devices and provide the latest updates, security updates and improvements.

Note Follow @WindowsUpdate to find out when new content is published to the release information dashboard.
From 0368015d53b5680eb663518850c37ee87e77fb74 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 26 Jun 2019 17:46:50 -0700 Subject: [PATCH 09/17] Updates --- .../microsoft-defender-atp-mac.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index b750939cae..579b395796 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -38,19 +38,19 @@ If you have any feedback, please submit it to us by opening Microsoft Defender A - You must have a Microsoft Defender ATP subscription. - You must have access to the Microsoft Defender Security Center portal. - You should have beginner-level experience in macOS and BASH scripting. -- If doing a manual deployment, you must have administrative privileges on the machine. +- If doing a manual deployment, you must have administrative privileges on the device. ### System requirements > [!CAUTION] > The three most recent released versions of macOS are supported. Beta versions of macOS are not supported. -- macOS version: 10.14 (Mojave), 10.13 (High Sierra), 10.12 (Sierra) -- Disk space: 1GB +- Supported macOS versions: 10.14 (Mojave), 10.13 (High Sierra), 10.12 (Sierra) +- Disk space: 650MB After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints. -The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an **allow** rule specifically for them: +The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them: | Service | Description | URL | | -------------- | ------------------------------------ | -------------------------------------------------------------------- | @@ -89,16 +89,16 @@ In general you'll need to take the following steps: - Via the command line tool: - [Manual deployment](microsoft-defender-atp-mac-install-manually.md) -## How to configure Microsoft Defender ATP for Mac - -Guidance for how to configure the product in enterprise environments is available in [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md). - ## How to update Microsoft Defender ATP for Mac Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. To read more on how to configure MAU in enterprise environments, refer to [Deploy updates for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-updates.md) +## How to configure Microsoft Defender ATP for Mac + +Guidance for how to configure the product in enterprise environments is available in [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md). + ## Resources - For additional information about logging, uninstalling, or known issues, see our [Resources](microsoft-defender-atp-mac-resources.md) page. From c49dc5b20dd4970c0a441edeaae5aa35c81da452 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 26 Jun 2019 17:49:26 -0700 Subject: [PATCH 10/17] Remove extra newline --- .../windows-defender-antivirus/microsoft-defender-atp-mac.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index 579b395796..3295c1af20 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -70,7 +70,6 @@ The output from this command should look like this: > > `OK https://cdn.x.cp.wd.microsoft.com/ping` - > [!CAUTION] > We recommend that you keep [System Integrity Protection](https://support.apple.com/en-us/HT204899) (SIP) enabled on client machines. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default. From 281e117bd2057c6ba3ee1a52377fd5b2e8123095 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 26 Jun 2019 18:03:08 -0700 Subject: [PATCH 11/17] Adjustments to upgrade documentation --- .../microsoft-defender-atp-mac-resources.md | 10 ---------- .../microsoft-defender-atp-mac-updates.md | 2 ++ .../microsoft-defender-atp-mac.md | 2 +- 3 files changed, 3 insertions(+), 11 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md index 5eeba44f41..1a7a0843ba 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md @@ -63,16 +63,6 @@ If an error occurs during installation, the installer will only report a general The detailed log will be saved to /Library/Logs/Microsoft/mdatp/install.log. If you experience issues during installation, send us this file so we can help diagnose the cause. -## Upgrade - -We distribute our updates via Microsoft Auto Update (MAU). You can check for MAU settings in main application's menu (Help => Check For Product Updates...): - -![MAU screenshot](images/MDATP_34_MAU.png) - -**Q**: Can MDATP for Mac be updated without MAU? - -**A**: In the current release, MDATP for Mac product updates are done via MAU. While advanced manageability experts may be able to set up the product updates without MAU, this scenario is not explicitly supported. We will monitor customer interest in this scenario to evaluate its importance relative to other product advancements. - ## Uninstalling There are several ways to uninstall Microsoft Defender ATP for Mac. Please note that while centrally managed uninstall is available on JAMF, it is not yet available for Microsoft Intune. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md index e7a654f1ca..82d29d1883 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md @@ -24,6 +24,8 @@ Microsoft regularly publishes software updates to improve performance, security, To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. By default, MAU automatically checks for updates daily, but you can change that to weekly, monthly, or manually. +![MAU screenshot](images/MDATP_34_MAU.png) + If you decide to deploy updates by using your software distribution tools, you should configure MAU to manually check for software updates. You can deploy preferences to configure how and when MAU checks for updates for the Macs in your organization. ## Use msupdate diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index 3295c1af20..d47325da42 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -61,7 +61,7 @@ To test that a connection is not blocked, open [https://x.cp.wd.microsoft.com/ap If you prefer the command line, you can also check the connection by running the following command in Terminal: ```bash -testuser$ curl -w ' %{url_effective}\n' 'https://x.cp.wd.microsoft.com/api/report' 'https://cdn.x.cp.wd.microsoft.com/ping' +curl -w ' %{url_effective}\n' 'https://x.cp.wd.microsoft.com/api/report' 'https://cdn.x.cp.wd.microsoft.com/ping' ``` The output from this command should look like this: From 98f8d1df0ae24c981a5ad264077898455645f45c Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 26 Jun 2019 19:22:30 -0700 Subject: [PATCH 12/17] Improve styling --- ...osoft-defender-atp-mac-install-manually.md | 26 +++++++------- ...defender-atp-mac-install-with-other-mdm.md | 36 +++++++++---------- .../microsoft-defender-atp-mac-resources.md | 4 +-- .../microsoft-defender-atp-mac.md | 22 ++++++------ 4 files changed, 43 insertions(+), 45 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md index 48d8ae0a1d..1e39a95990 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md @@ -26,14 +26,14 @@ ms.topic: conceptual ## Prerequisites and system requirements -Before you get started, please see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. +Before you get started, see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. ## Download installation and onboarding packages Download the installation and onboarding packages from Windows Defender Security Center: 1. In Windows Defender Security Center, go to **Settings > Machine Management > Onboarding**. -2. In Section 1 of the page, set operating system to **Linux, macOS, iOS or Android** and Deployment method to **Local script**. +2. In Section 1 of the page, set operating system to **Linux, macOS, iOS, and Android** and Deployment method to **Local script**. 3. In Section 2 of the page, select **Download installation package**. Save it as wdav.pkg to a local directory. 4. In Section 2 of the page, select **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory. @@ -73,18 +73,18 @@ To complete this process, you must have admin privileges on the machine. ![Security and privacy window screenshot](images/MDATP_31_SecurityPrivacySettings.png) -The installation will proceed. +The installation proceeds. > [!NOTE] > If you don't select **Allow**, the installation will proceed after 5 minutes. Defender ATP will be loaded, but real-time protection will be disabled. -### Fixing disabled Real Time Protection +### Fixing disabled Real-Time Protection -If you did not enable Microsoft's driver during installation, then Defender's application will display a banner prompting you to enable it: +If you did not enable Microsoft's driver during installation, then the application displays a banner prompting you to enable it: ![RTP disabled screenshot](images/MDATP_32_Main_App_Fix.png) -You can also run ```mdatp --health```. It will report if Real Time Protection is enabled but not available: +You can also run ```mdatp --health```. It reports if Real-Time Protection is enabled but not available: ```bash mavel-mojave:~ testuser$ mdatp --health @@ -95,15 +95,15 @@ realTimeProtectionEnabled : true ``` > [!NOTE] -> You have a 30 minute window to enable Real Time Protection from the warning banner, immediately following installation. +> You have a 30 minute window to enable Real-Time Protection from the warning banner, immediately following installation. -The warning banner containing a **Fix** button, which allows you to quickly enable Real Time Protection, without having to open a command prompt. Select the **Fix** button. It will prompt the **Security & Privacy** system window, where you will have to **Allow** system software from developers "Microsoft Corporation". +The warning banner contains a **Fix** button, which allows you to quickly enable Real-Time Protection, without having to open a command prompt. Select the **Fix** button. It prompts the **Security & Privacy** system window, where you have to **Allow** system software from developers "Microsoft Corporation". -If you don't see a prompt, it means that 30 or more minutes have already passed, and Real Time Protection has still not been enabled: +If you don't see a prompt, it means that 30 or more minutes have already passed, and Real-Time Protection has still not been enabled: ![Security and privacy window after prompt expired screenshot](images/MDATP_33_SecurityPrivacySettings_NoPrompt.png) -In this case, you will need to perform the following steps to enable Real Time Protection instead. +In this case, you need to perform the following steps to enable Real-Time Protection instead. 1. In Terminal, attempt to install the driver. (The operation will fail) ```bash @@ -123,7 +123,7 @@ In this case, you will need to perform the following steps to enable Real Time P mavel-mojave:~ testuser$ sudo kextutil /Library/Extensions/wdavkext.kext ``` -The banner should disappear from the Defender application, and ```mdatp --health``` should now report that Real Time Protection is both enabled and available: +The banner should disappear from the Defender application, and ```mdatp --health``` should now report that Real-Time Protection is both enabled and available: ```bash mavel-mojave:~ testuser$ mdatp --health @@ -137,7 +137,7 @@ realTimeProtectionEnabled : true 1. Copy wdav.pkg and WindowsDefenderATPOnboarding.py to the machine where you deploy Microsoft Defender ATP for Mac. - The client machine is not associated with orgId. Note that the orgid is blank. + The client machine is not associated with orgId. Note that the *orgId* attribute is blank. ```bash mavel-mojave:wdavconfig testuser$ mdatp --health orgId @@ -150,7 +150,7 @@ realTimeProtectionEnabled : true Generating /Library/Application Support/Microsoft/Defender/com.microsoft.wdav.atp.plist ... (You may be required to enter sudos password) ``` -3. Verify that the machine is now associated with orgId: +3. Verify that the machine is now associated with your organization and reports a valid *orgId*: ```bash mavel-mojave:wdavconfig testuser$ mdatp --health orgId diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md index 6823f8a169..bce71a1e1c 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md @@ -24,13 +24,12 @@ ms.topic: conceptual ## Prerequisites and system requirements -Before you get started, please see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. +Before you get started, see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. ## Approach -Your organization may use a Mobile Device Management (MDM) solution we do not officially support. -This does not mean you will be unable to deploy or run Microsoft Defender ATP for Mac. -However, we will not be able to provide support for deploying or managing Defender via these solutions. +If your organization uses a Mobile Device Management (MDM) solution that is not officially supported, this does not mean you are unable to deploy or run Microsoft Defender ATP for Mac. +However, Microsoft is not able to provide support for deploying or managing Defender via these solutions. Microsoft Defender ATP for Mac does not depend on any vendor-specific features. It can be used with any MDM solution that supports the following features: @@ -40,39 +39,38 @@ Microsoft Defender ATP for Mac does not depend on any vendor-specific features. The majority of modern MDM solutions include these features, however, they may call them differently. -You can deploy Defender without the last requirement from the list above, however: +You can deploy Defender without the last requirement from the preceding list, however: -- You won't be able to collect status in a centralized way +- You will not be able to collect status in a centralized way - If you decide to uninstall Defender, you'll need to logon to the client machine locally as an administrator ## Deployment -Most MDM solution use the same model for managing macOS machines, with similar terminology. -Use [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md) as a template. +Most MDM solutions use the same model for managing macOS machines, with similar terminology. Use [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md) as a template. ### Package Configure deployment of a [required application package](microsoft-defender-atp-mac-install-with-jamf.md#package), -with the installation package (wdav.pkg) downloaded from [ATP](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages). +with the installation package (wdav.pkg) downloaded from [Microsoft Defender Security Center](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages). -Your MDM solution can allow you uploading of an arbitrary application package, or require you to wrap it into a custom package first. +Use the instructions associated with your MDM solution to deploy the package to your enterprise. ### License settings -Setup [a system configuration profile](microsoft-defender-atp-mac-install-with-jamf.md#configuration-profile). +Set up [a system configuration profile](microsoft-defender-atp-mac-install-with-jamf.md#configuration-profile). Your MDM solution may call it something like "Custom Settings Profile", as Microsoft Defender ATP for Mac is not part of macOS. -Use the property list, jamf/WindowsDefenderATPOnboarding.plist, which can extracted from an onboarding package downloaded from [ATP](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages). -Your system may support an arbitrary property list in XML format. You can just upload the jamf/WindowsDefenderATPOnboarding.plist file as-is in that case. +Use the property list, jamf/WindowsDefenderATPOnboarding.plist, which can extracted from an onboarding package downloaded from [Microsoft Defender Security Center](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages). +Your system may support an arbitrary property list in XML format. You can upload the jamf/WindowsDefenderATPOnboarding.plist file as-is in that case. Alternatively, it may require you to convert the property list to a different format first. -Note that your custom profile would have an id, name or domain attribute. You must use exactly "com.microsoft.wdav.atp". -MDM will use it to deploy the settings file to **/Library/Managed Preferences/com.microsoft.wdav.atp.plist** on a client machine, and Defender will use this file for loading onboarding info. +Typically, your custom profile has an id, name, or domain attribute. You must use exactly "com.microsoft.wdav.atp" for this value. +MDM uses it to deploy the settings file to **/Library/Managed Preferences/com.microsoft.wdav.atp.plist** on a client machine, and Defender uses this file for loading the onboarding info. -### KEXT +### Kernel extension (kext) policy -Setup a KEXT or kernel extension policy. Use team identifier **UBF8T346G9** to whitelist kernel extensions provided by Microsoft. +Set up a KEXT or kernel extension policy. Use team identifier **UBF8T346G9** to whitelist kernel extensions provided by Microsoft. -## Was it successful? +## Check installation status -Run [mdatp](microsoft-defender-atp-mac-install-with-jamf.md#check-onboarding-status) on a client machine. +Run [mdatp](microsoft-defender-atp-mac-install-with-jamf.md#check-onboarding-status) on a client machine to check the onboarding status. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md index 1a7a0843ba..0e4593abf7 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md @@ -67,7 +67,7 @@ The detailed log will be saved to /Library/Logs/Microsoft/mdatp/install.log. If There are several ways to uninstall Microsoft Defender ATP for Mac. Please note that while centrally managed uninstall is available on JAMF, it is not yet available for Microsoft Intune. -### Within the GUI +### Interactive uninstallation - Open **Finder > Applications**. Right click on **Microsoft Defender ATP > Move to Trash**. @@ -101,7 +101,7 @@ Important tasks, such as controlling product settings and triggering on-demand s In the Microsoft Defender ATP portal, you'll see two categories of information: -- AV alerts, including: +- Antivirus alerts, including: - Severity - Scan type - Device information (hostname, machine identifier, tenant identifier, app version, and OS type) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index d47325da42..5f97a57723 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -27,9 +27,9 @@ This topic describes how to install, configure, update, and use Microsoft Defend ## What’s new in the latest release -Since opening the public preview, we've been working non-stop to enhance the product, by listening to customer feedback. We've added management features and more granular controls for diagnostic data collection, refined the user experience, and fixed bugs. +Since the announcement of the public preview, Microsoft has been working non-stop to enhance the product, by listening to customer feedback. We've added management features and more granular controls for diagnostic data collection, refined the user experience, and fixed bugs. -If you have any feedback, please submit it to us by opening Microsoft Defender ATP for Mac on your device and navigating to **Help** > **Send feedback**. +If you have any feedback that you would like to share, submit it by opening Microsoft Defender ATP for Mac on your device and navigating to **Help** > **Send feedback**. ## How to install Microsoft Defender ATP for Mac @@ -38,7 +38,7 @@ If you have any feedback, please submit it to us by opening Microsoft Defender A - You must have a Microsoft Defender ATP subscription. - You must have access to the Microsoft Defender Security Center portal. - You should have beginner-level experience in macOS and BASH scripting. -- If doing a manual deployment, you must have administrative privileges on the device. +- In case of manual deployment, you must have administrative privileges on the device. ### System requirements @@ -46,11 +46,11 @@ If you have any feedback, please submit it to us by opening Microsoft Defender A > The three most recent released versions of macOS are supported. Beta versions of macOS are not supported. - Supported macOS versions: 10.14 (Mojave), 10.13 (High Sierra), 10.12 (Sierra) -- Disk space: 650MB +- Disk space: 650 MB After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints. -The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them: +The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them: | Service | Description | URL | | -------------- | ------------------------------------ | -------------------------------------------------------------------- | @@ -64,7 +64,7 @@ If you prefer the command line, you can also check the connection by running the curl -w ' %{url_effective}\n' 'https://x.cp.wd.microsoft.com/api/report' 'https://cdn.x.cp.wd.microsoft.com/ping' ``` -The output from this command should look like this: +The output from this command should be similar to the following: > `OK https://x.cp.wd.microsoft.com/api/report` > @@ -77,15 +77,15 @@ The output from this command should look like this: There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac. -In general you'll need to take the following steps: +In general you need to take the following steps: -- Ensure you have a Microsoft Defender ATP subscription and have access to the Microsoft Defender ATP Portal +- Ensure that you have a Microsoft Defender ATP subscription and have access to the Microsoft Defender ATP Portal - Deploy Microsoft Defender ATP for Mac using one of the following deployment methods: - - Via third party management tools: + - Via third-party management tools: - [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md) - [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md) - [Other MDM products](microsoft-defender-atp-mac-install-with-other-mdm.md) - - Via the command line tool: + - Via the command-line tool: - [Manual deployment](microsoft-defender-atp-mac-install-manually.md) ## How to update Microsoft Defender ATP for Mac @@ -100,6 +100,6 @@ Guidance for how to configure the product in enterprise environments is availabl ## Resources -- For additional information about logging, uninstalling, or known issues, see our [Resources](microsoft-defender-atp-mac-resources.md) page. +- For more information about logging, uninstalling, or known issues, see the [Resources](microsoft-defender-atp-mac-resources.md) page. - [Privacy for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-privacy.md) From 0df0042122fd78d646dd167c8f7d55f065968eaf Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 26 Jun 2019 19:36:32 -0700 Subject: [PATCH 13/17] More styling improvements --- ...defender-atp-mac-install-with-other-mdm.md | 26 ++++++++++--------- 1 file changed, 14 insertions(+), 12 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md index bce71a1e1c..590ff40cef 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md @@ -1,6 +1,6 @@ --- title: Installing Microsoft Defender ATP for Mac with different MDM product -description: Describes how to install Microsoft Defender ATP for Mac, using an unsupported MDM solution. +description: Describes how to install Microsoft Defender ATP for Mac on other management solutions. keywords: microsoft, defender, atp, mac, installation, deploy, macos, mojave, high sierra, sierra search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -17,7 +17,7 @@ ms.collection: M365-security-compliance ms.topic: conceptual --- -# Deployment with a different MDM system +# Deployment with a different Mobile Device Management (MDM) system **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) @@ -28,21 +28,23 @@ Before you get started, see [the main Microsoft Defender ATP for Mac page](micro ## Approach +> [!CAUTION] +> Currently, Microsoft oficially supports only Intune and JAMF for the deployment and management of Microsoft Defender ATP for Mac. Microsoft makes no warranties, express or implied, with respect to the information provided below. + If your organization uses a Mobile Device Management (MDM) solution that is not officially supported, this does not mean you are unable to deploy or run Microsoft Defender ATP for Mac. -However, Microsoft is not able to provide support for deploying or managing Defender via these solutions. Microsoft Defender ATP for Mac does not depend on any vendor-specific features. It can be used with any MDM solution that supports the following features: -- Deploying a macOS .pkg to managed machines. -- Deploying macOS system configuration profiles to managed machines. -- Running an arbitrary admin-configured tool/script on managed machines. +- Deploy a macOS .pkg to managed machines. +- Deploy macOS system configuration profiles to managed machines. +- Run an arbitrary admin-configured tool/script on managed machines. -The majority of modern MDM solutions include these features, however, they may call them differently. +Most modern MDM solutions include these features, however, they may call them differently. You can deploy Defender without the last requirement from the preceding list, however: - You will not be able to collect status in a centralized way -- If you decide to uninstall Defender, you'll need to logon to the client machine locally as an administrator +- If you decide to uninstall Defender, you will need to logon to the client machine locally as an administrator ## Deployment @@ -53,21 +55,21 @@ Most MDM solutions use the same model for managing macOS machines, with similar Configure deployment of a [required application package](microsoft-defender-atp-mac-install-with-jamf.md#package), with the installation package (wdav.pkg) downloaded from [Microsoft Defender Security Center](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages). -Use the instructions associated with your MDM solution to deploy the package to your enterprise. +In order to deploy the package to your enterprise, use the instructions associated with your MDM solution. ### License settings Set up [a system configuration profile](microsoft-defender-atp-mac-install-with-jamf.md#configuration-profile). Your MDM solution may call it something like "Custom Settings Profile", as Microsoft Defender ATP for Mac is not part of macOS. -Use the property list, jamf/WindowsDefenderATPOnboarding.plist, which can extracted from an onboarding package downloaded from [Microsoft Defender Security Center](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages). +Use the property list, jamf/WindowsDefenderATPOnboarding.plist, which can be extracted from an onboarding package downloaded from [Microsoft Defender Security Center](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages). Your system may support an arbitrary property list in XML format. You can upload the jamf/WindowsDefenderATPOnboarding.plist file as-is in that case. Alternatively, it may require you to convert the property list to a different format first. Typically, your custom profile has an id, name, or domain attribute. You must use exactly "com.microsoft.wdav.atp" for this value. -MDM uses it to deploy the settings file to **/Library/Managed Preferences/com.microsoft.wdav.atp.plist** on a client machine, and Defender uses this file for loading the onboarding info. +MDM uses it to deploy the settings file to **/Library/Managed Preferences/com.microsoft.wdav.atp.plist** on a client machine, and Defender uses this file for loading the onboarding information. -### Kernel extension (kext) policy +### Kernel extension policy Set up a KEXT or kernel extension policy. Use team identifier **UBF8T346G9** to whitelist kernel extensions provided by Microsoft. From 060dfded022098d7c0c6b26ad2377595b98df9dc Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 26 Jun 2019 19:47:06 -0700 Subject: [PATCH 14/17] Improve Intune wording --- ...ft-defender-atp-mac-install-with-intune.md | 26 +++++++++---------- 1 file changed, 13 insertions(+), 13 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md index 4e8fddc25d..d79278a2a6 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md @@ -26,14 +26,14 @@ ms.topic: conceptual ## Prerequisites and system requirements -Before you get started, please see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. +Before you get started, see [the main Microsoft Defender ATP for Mac page](microsoft-defender-atp-mac.md) for a description of prerequisites and system requirements for the current software version. ## Download installation and onboarding packages Download the installation and onboarding packages from Microsoft Defender Security Center: 1. In Microsoft Defender Security Center, go to **Settings** > **Device Management** > **Onboarding**. -2. In Section 1 of the page, set the operating system to **Linux, macOS, iOS or Android** and the deployment method to **Mobile Device Management / Microsoft Intune**. +2. In Section 1 of the page, set the operating system to **Linux, macOS, iOS, or Android** and the deployment method to **Mobile Device Management / Microsoft Intune**. 3. In Section 2 of the page, select **Download installation package**. Save it as _wdav.pkg_ to a local directory. 4. In Section 2 of the page, select **Download onboarding package**. Save it as _WindowsDefenderATPOnboardingPackage.zip_ to the same directory. 5. Download **IntuneAppUtil** from [https://docs.microsoft.com/intune/lob-apps-macos](https://docs.microsoft.com/intune/lob-apps-macos). @@ -82,19 +82,19 @@ Download the installation and onboarding packages from Microsoft Defender Securi You need no special provisioning for a Mac device beyond a standard [Company Portal installation](https://docs.microsoft.com/intune-user-help/enroll-your-device-in-intune-macos-cp). -1. You'll be asked to confirm device management. +1. You are asked to confirm device management. ![Confirm device management screenshot](images/MDATP_3_ConfirmDeviceMgmt.png) -Select **Open System Preferences**, locate **Management Profile** on the list and select **Approve...**. Your Management Profile would be displayed as **Verified**: +Select **Open System Preferences**, locate **Management Profile** on the list, and select **Approve...**. Your Management Profile would be displayed as **Verified**: ![Management profile screenshot](images/MDATP_4_ManagementProfile.png) 2. Select **Continue** and complete the enrollment. -You may now enroll additional devices. You can also enroll them later, after you have finished provisioning system configuration and application packages. +You may now enroll more devices. You can also enroll them later, after you have finished provisioning system configuration and application packages. -3. In Intune, open **Manage** > **Devices** > **All devices**. You'll see your device among those listed: +3. In Intune, open **Manage** > **Devices** > **All devices**. Here you can see your device among those listed: ![Add Devices screenshot](images/MDATP_5_allDevices.png) @@ -102,17 +102,17 @@ You may now enroll additional devices. You can also enroll them later, after you 1. In Intune, open **Manage** > **Device configuration**. Select **Manage** > **Profiles** > **Create Profile**. 2. Choose a name for the profile. Change **Platform=macOS** to **Profile type=Custom**. Select **Configure**. -3. Open the configuration profile and upload intune/kext.xml. This file was created during the Generate settings step above. +3. Open the configuration profile and upload intune/kext.xml. This file was created in one of the preceding sections. 4. Select **OK**. ![System configuration profiles screenshot](images/MDATP_6_SystemConfigurationProfiles.png) 5. Select **Manage** > **Assignments**. In the **Include** tab, select **Assign to All Users & All devices**. -6. Repeat steps 1 through 5 for additional profiles. +6. Repeat steps 1 through 5 for more profiles. 7. Create a new profile one more time, give it a name, and upload the intune/WindowsDefenderATPOnboarding.xml file. 8. Select **Manage > Assignments**. In the **Include** tab, select **Assign to All Users & All devices**. -Once the Intune changes are propagated to the enrolled devices, you'll see them listed under **Monitor** > **Device status**: +Once the Intune changes are propagated to the enrolled devices, you can see them listed under **Monitor** > **Device status**: ![System configuration profiles screenshot](images/MDATP_7_DeviceStatusBlade.png) @@ -135,11 +135,11 @@ Once the Intune changes are propagated to the enrolled devices, you'll see them ![Client apps screenshot](images/MDATP_10_ClientApps.png) 8. Change **Assignment type** to **Required**. -9. Select **Included Groups**. Select **Make this app required for all devices=Yes**. Select **Select group to include** and add a group that contains the users you want to target. Select **OK** and **Save**. +9. Select **Included Groups**. Select **Make this app required for all devices=Yes**. Click **Select group to include** and add a group that contains the users you want to target. Select **OK** and **Save**. ![Intune assignments info screenshot](images/MDATP_11_Assignments.png) -10. After some time the application will be published to all enrolled devices. You'll see it listed on **Monitor** > **Device**, under **Device install status**: +10. After some time the application will be published to all enrolled devices. You can see it listed in **Monitor** > **Device**, under **Device install status**: ![Intune device status screenshot](images/MDATP_12_DeviceInstall.png) @@ -150,7 +150,7 @@ Once the Intune changes are propagated to the enrolled devices, you'll see them ![System Preferences screenshot](images/MDATP_13_SystemPreferences.png) ![System Preferences Profiles screenshot](images/MDATP_14_SystemPreferencesProfiles.png) -2. Verify that the following configuration profiles are present and installed. The **Management Profile** should be the Intune system profile. _Wdav-config_ and _wdav-kext_ are system configuration profiles that we added in Intune.: +2. Verify that the following configuration profiles are present and installed. The **Management Profile** should be the Intune system profile. _Wdav-config_ and _wdav-kext_ are system configuration profiles that were added in Intune: ![Profiles screenshot](images/MDATP_15_ManagementProfileConfig.png) 3. You should also see the Microsoft Defender icon in the top-right corner: @@ -159,7 +159,7 @@ Once the Intune changes are propagated to the enrolled devices, you'll see them ## Logging installation issues -See [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs. +For more information on how to find the automatically generated log that is created by the installer when an error occurs, see [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) . ## Uninstallation From 8ae418b9c562ac84fad583576949ef1fe05751f7 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 26 Jun 2019 19:49:16 -0700 Subject: [PATCH 15/17] Update --- .../microsoft-defender-atp-mac.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index 5f97a57723..facd39ba50 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -35,10 +35,10 @@ If you have any feedback that you would like to share, submit it by opening Micr ### Prerequisites -- You must have a Microsoft Defender ATP subscription. -- You must have access to the Microsoft Defender Security Center portal. -- You should have beginner-level experience in macOS and BASH scripting. -- In case of manual deployment, you must have administrative privileges on the device. +- Microsoft Defender ATP subscription +- Access to the Microsoft Defender Security Center portal +- Beginner-level experience in macOS and BASH scripting +- Administrative privileges on the device (in case of manual deployment) ### System requirements From 44814ce4520d3f325c121e094d7985460821ff3c Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 26 Jun 2019 19:53:09 -0700 Subject: [PATCH 16/17] Add standard header to new pages --- .../microsoft-defender-atp-mac-preferences.md | 4 ++++ .../microsoft-defender-atp-mac-privacy.md | 4 ++++ .../microsoft-defender-atp-mac-updates.md | 4 ++++ 3 files changed, 12 insertions(+) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md index fd571e3bb9..281cd10225 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md @@ -20,6 +20,10 @@ ms.topic: conceptual # Set preferences for Microsoft Defender ATP for Mac +**Applies to:** + +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) + >[!IMPORTANT] >This topic contains instructions for how to set preferences for Microsoft Defender ATP for Mac in enterprise environments. If you are interested in configuring the product on a device from the command-line, please refer to the [Resources](microsoft-defender-atp-mac-resources.md#configuring-from-the-command-line) page. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md index e86f43b048..f14957dcc4 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md @@ -20,6 +20,10 @@ ms.topic: conceptual # Privacy for Microsoft Defender ATP for Mac +**Applies to:** + +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) + Microsoft is committed to providing you with the information and controls you need to make choices about how your data is collected and used when you’re using Microsoft Defender ATP for Mac. This topic describes the privacy controls available within the product, how to manage these controls with policy settings and more details on the data events that are collected. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md index 82d29d1883..90156e2c22 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md @@ -20,6 +20,10 @@ ms.topic: conceptual # Deploy updates for Microsoft Defender ATP for Mac +**Applies to:** + +[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) + Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. By default, MAU automatically checks for updates daily, but you can change that to weekly, monthly, or manually. From 9db07a0070983d8ce2945f26eb418bf7f040d458 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Wed, 26 Jun 2019 20:21:09 -0700 Subject: [PATCH 17/17] Cosmetic updates --- .../microsoft-defender-atp-mac-install-manually.md | 2 +- .../microsoft-defender-atp-mac-install-with-intune.md | 2 +- .../microsoft-defender-atp-mac-install-with-jamf.md | 2 +- .../microsoft-defender-atp-mac-install-with-other-mdm.md | 3 ++- .../microsoft-defender-atp-mac-preferences.md | 2 +- .../microsoft-defender-atp-mac-privacy.md | 2 +- .../microsoft-defender-atp-mac-resources.md | 2 +- .../microsoft-defender-atp-mac-updates.md | 2 +- 8 files changed, 9 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md index 1e39a95990..3963464f4e 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md @@ -22,7 +22,7 @@ ms.topic: conceptual **Applies to:** -[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) ## Prerequisites and system requirements diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md index d79278a2a6..9565fa13e5 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md @@ -22,7 +22,7 @@ ms.topic: conceptual **Applies to:** -[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) ## Prerequisites and system requirements diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index 25181a255a..7105a86af8 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md @@ -22,7 +22,7 @@ ms.topic: conceptual **Applies to:** -[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) ## Prerequisites and system requirements diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md index 590ff40cef..91a5f56395 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md @@ -20,7 +20,8 @@ ms.topic: conceptual # Deployment with a different Mobile Device Management (MDM) system **Applies to:** -- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) + +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) ## Prerequisites and system requirements diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md index 281cd10225..7087ac45f5 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md @@ -22,7 +22,7 @@ ms.topic: conceptual **Applies to:** -[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] >This topic contains instructions for how to set preferences for Microsoft Defender ATP for Mac in enterprise environments. If you are interested in configuring the product on a device from the command-line, please refer to the [Resources](microsoft-defender-atp-mac-resources.md#configuring-from-the-command-line) page. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md index f14957dcc4..eb3359531d 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md @@ -22,7 +22,7 @@ ms.topic: conceptual **Applies to:** -[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) Microsoft is committed to providing you with the information and controls you need to make choices about how your data is collected and used when you’re using Microsoft Defender ATP for Mac. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md index 0e4593abf7..59485467ff 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md @@ -22,7 +22,7 @@ ms.topic: conceptual **Applies to:** -[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) ## Collecting diagnostic information diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md index 90156e2c22..5903433187 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md @@ -22,7 +22,7 @@ ms.topic: conceptual **Applies to:** -[Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) +- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) Microsoft regularly publishes software updates to improve performance, security, and to deliver new features.