From d7203ff907561fcf4571e892eae34e64e99befe1 Mon Sep 17 00:00:00 2001 From: VARADHARAJAN K <3296790+RAJU2529@users.noreply.github.com> Date: Tue, 9 Mar 2021 23:51:51 +0530 Subject: [PATCH 1/9] removed invalid links, added two correct links as per user report #9279 , so i removed two invalid links and added new links --- .../microsoft-defender-atp/live-response-command-examples.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md index 80665010c7..cb7c9a9f7b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md +++ b/windows/security/threat-protection/microsoft-defender-atp/live-response-command-examples.md @@ -105,8 +105,8 @@ getfile c:\Users\user\Desktop\work.txt -auto > > The following file types **cannot** be downloaded using this command from within Live Response: > -> * [Reparse point files](/windows/desktop/fileio/reparse-points/) -> * [Sparse files](/windows/desktop/fileio/sparse-files/) +> * [Reparse point files](https://docs.microsoft.com/windows/win32/fileio/reparse-points) +> * [Sparse files](https://docs.microsoft.com/windows/win32/fileio/sparse-files) > * Empty files > * Virtual files, or files that are not fully present locally > From 15e9a411fce64546f8572b29691f782b3f4badb1 Mon Sep 17 00:00:00 2001 From: jaimeo Date: Wed, 17 Mar 2021 10:52:20 -0700 Subject: [PATCH 2/9] removed links to dead scripts and put in suggested material from SMEs --- .../deployment/update/windows-update-resources.md | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md index 394b329d5d..768a313906 100644 --- a/windows/deployment/update/windows-update-resources.md +++ b/windows/deployment/update/windows-update-resources.md @@ -39,9 +39,18 @@ The following resources provide additional information about using Windows Updat ## How do I reset Windows Update components? -[Reset Windows Update Client settings script](https://gallery.technet.microsoft.com/scriptcenter/Reset-WindowsUpdateps1-e0c5eb78) will completely reset the Windows Update client settings. It has been tested on Windows 7, 8, 10, and Windows Server 2012 R2. It will configure the services and registry keys related to Windows Update for default settings. It will also clean up files related to Windows Update, in addition to BITS related data. +- Try using the [Windows Update Troubleshooter](https://support.microsoft.com/windows/windows-update-troubleshooter-for-windows-10-19bc41ca-ad72-ae67-af3c-89ce169755dd). +- Try the steps in [Troubleshoot problems updating Windows 10](https://support.microsoft.com/windows/troubleshoot-problems-updating-windows-10-188c2b0f-10a7-d72f-65b8-32d177eb136c). +- Try the steps in [Fix Windows Update](https://support.microsoft.com/sbs/windows/fix-windows-update-errors-18b693b5-7818-5825-8a7e-2a4a37d6d787) errors. + +If all else fails, try resetting the Windows Update Agent by running these commands from an elevated command prompt: + + ``` console + net stop wuauserv + rd /s /q %systemroot%\SoftwareDistribution + net start wuauserv + ``` -[Reset Windows Update Agent script](https://gallery.technet.microsoft.com/scriptcenter/Reset-Windows-Update-Agent-d824badc) allows you to reset the Windows Update Agent, resolving issues with Windows Update. ## Reset Windows Update components manually From 3d4d40cd32b677b960bbd6ed63879b46fcb1ae30 Mon Sep 17 00:00:00 2001 From: jaimeo Date: Wed, 17 Mar 2021 11:15:57 -0700 Subject: [PATCH 3/9] small edit based on feedback --- windows/deployment/update/windows-update-resources.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/deployment/update/windows-update-resources.md b/windows/deployment/update/windows-update-resources.md index 768a313906..b9eb08a9e3 100644 --- a/windows/deployment/update/windows-update-resources.md +++ b/windows/deployment/update/windows-update-resources.md @@ -39,7 +39,7 @@ The following resources provide additional information about using Windows Updat ## How do I reset Windows Update components? -- Try using the [Windows Update Troubleshooter](https://support.microsoft.com/windows/windows-update-troubleshooter-for-windows-10-19bc41ca-ad72-ae67-af3c-89ce169755dd). +- Try using the [Windows Update Troubleshooter](https://support.microsoft.com/windows/windows-update-troubleshooter-for-windows-10-19bc41ca-ad72-ae67-af3c-89ce169755dd), which will analyze the situation and reset any components that need it. - Try the steps in [Troubleshoot problems updating Windows 10](https://support.microsoft.com/windows/troubleshoot-problems-updating-windows-10-188c2b0f-10a7-d72f-65b8-32d177eb136c). - Try the steps in [Fix Windows Update](https://support.microsoft.com/sbs/windows/fix-windows-update-errors-18b693b5-7818-5825-8a7e-2a4a37d6d787) errors. From b512306d5a703408ddc68a342c202875cb61c92b Mon Sep 17 00:00:00 2001 From: adirdidi <68847945+adirdidi@users.noreply.github.com> Date: Thu, 18 Mar 2021 16:45:34 +0200 Subject: [PATCH 4/9] Update configure-siem.md --- .../threat-protection/microsoft-defender-atp/configure-siem.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md index b42807a66d..4f7163eff0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md @@ -47,7 +47,7 @@ To use either of these supported SIEM tools, you'll need to: - [Enable SIEM integration in Defender for Endpoint](enable-siem-integration.md) - Configure the supported SIEM tool: - - [Configure HP ArcSight to pull Defender for Endpoint detections](configure-arcsight.md) + - [Configure Micro Focus ArcSight to pull Defender for Endpoint detections](configure-arcsight.md) - Configure IBM QRadar to pull Defender for Endpoint detections For more information, see [IBM Knowledge Center](https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/c_dsm_guide_MS_Win_Defender_ATP_overview.html?cp=SS42VS_7.3.1). For more information on the list of fields exposed in the Detection API see, [Defender for Endpoint Detection fields](api-portal-mapping.md). From ccd40d6cd74dc7f3bfee94d3bbcae5c1b3bb3a34 Mon Sep 17 00:00:00 2001 From: adirdidi <68847945+adirdidi@users.noreply.github.com> Date: Thu, 18 Mar 2021 16:49:22 +0200 Subject: [PATCH 5/9] Update configure-siem.md --- .../threat-protection/microsoft-defender-atp/configure-siem.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md index 4f7163eff0..66054db1e1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-siem.md @@ -50,7 +50,7 @@ To use either of these supported SIEM tools, you'll need to: - [Configure Micro Focus ArcSight to pull Defender for Endpoint detections](configure-arcsight.md) - Configure IBM QRadar to pull Defender for Endpoint detections For more information, see [IBM Knowledge Center](https://www.ibm.com/support/knowledgecenter/SS42VS_DSM/com.ibm.dsm.doc/c_dsm_guide_MS_Win_Defender_ATP_overview.html?cp=SS42VS_7.3.1). -For more information on the list of fields exposed in the Detection API see, [Defender for Endpoint Detection fields](api-portal-mapping.md). +For more information on the list of fields exposed in the Detection API, see [Defender for Endpoint Detection fields](api-portal-mapping.md). From c66f42d3342171646f33d1dfc5b14f235c2e8e37 Mon Sep 17 00:00:00 2001 From: adirdidi <68847945+adirdidi@users.noreply.github.com> Date: Thu, 18 Mar 2021 18:25:16 +0200 Subject: [PATCH 6/9] Update preview.md Removing features that are no longer in preview. --- .../threat-protection/microsoft-defender-atp/preview.md | 8 -------- 1 file changed, 8 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md index 845231f559..1559814e71 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md @@ -64,14 +64,6 @@ The following features are included in the preview release: - [Device health and compliance report](machine-reports.md)
The device health and compliance report provides high-level information about the devices in your organization. -- [Information protection](information-protection-in-windows-overview.md)
-Information protection is an integral part of Microsoft 365 Enterprise suite, providing intelligent protection to keep sensitive data secure while enabling productivity in the workplace. Microsoft Defender for Endpoint is seamlessly integrated in Microsoft Threat Protection to provide a complete and comprehensive data loss prevention (DLP) solution for Windows devices. - - >[!NOTE] - >Partially available from Windows 10, version 1809. - -- [Onboard Windows Server 2019](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints#windows-server-version-1803-and-windows-server-2019)
Microsoft Defender for Endpoint now adds support for Windows Server 2019. You'll be able to onboard Windows Server 2019 in the same method available for Windows 10 client devices. - > [!TIP] > Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-preview-belowfoldlink) From bc06b5dda74a13914155a89d004ac1a081becae7 Mon Sep 17 00:00:00 2001 From: adirdidi <68847945+adirdidi@users.noreply.github.com> Date: Thu, 18 Mar 2021 18:29:48 +0200 Subject: [PATCH 7/9] Update preview.md --- .../threat-protection/microsoft-defender-atp/preview.md | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md index 1559814e71..0febc465a0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md @@ -31,14 +31,11 @@ ms.technology: mde - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2154037) - [Microsoft 365 Defender](https://go.microsoft.com/fwlink/?linkid=2118804) -> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-exposedapis-abovefoldlink) +> Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-preview-abovefoldlink) The Defender for Endpoint service is constantly being updated to include new feature enhancements and capabilities. -> [!TIP] -> Want to experience Defender for Endpoint? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-preview-abovefoldlink) - Learn about new features in the Defender for Endpoint preview release and be among the first to try upcoming features by turning on the preview experience. >[!TIP] From 7d0e5d30443ea8b053c739206d431006e14f714e Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 18 Mar 2021 10:49:57 -0700 Subject: [PATCH 8/9] Add release notes for MDE for Mac 101.23.64 --- .../threat-protection/microsoft-defender-atp/mac-whatsnew.md | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index a7440b08d2..a1769aa84a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -36,6 +36,11 @@ ms.technology: mde > [!IMPORTANT] > Support for macOS 10.13 (High Sierra) has been discontinued on February 15th, 2021. +## 101.23.64 (20.121021.12364.0) + +- Added a new option to the command-line tool to view information about the last on-demand scan. To view information about the last on-demand scan, run `mdatp health --details antivirus` +- Performance improvements & bug fixes + ## 101.22.79 (20.121012.12279.0) - Performance improvements & bug fixes From 0b1923162ba1fd1b3e4beb30eb147e63d44b3bd9 Mon Sep 17 00:00:00 2001 From: Thomas Raya Date: Thu, 18 Mar 2021 12:11:44 -0700 Subject: [PATCH 9/9] Update TOC.md --- windows/client-management/mdm/TOC.md | 19 ++++++++++--------- 1 file changed, 10 insertions(+), 9 deletions(-) diff --git a/windows/client-management/mdm/TOC.md b/windows/client-management/mdm/TOC.md index f8d9e83171..149457d576 100644 --- a/windows/client-management/mdm/TOC.md +++ b/windows/client-management/mdm/TOC.md @@ -159,15 +159,16 @@ ### [Personalization CSP](personalization-csp.md) #### [Personalization DDF file](personalization-ddf.md) ### [Policy CSP](policy-configuration-service-provider.md) -#### [Policy DDF file](policy-ddf-file.md) -#### [Policies in Policy CSP supported by Group Policy](policy-csps-supported-by-group-policy.md) -#### [ADMX-backed policies in Policy CSP](policy-csps-admx-backed.md) -#### [Policies in Policy CSP supported by HoloLens 2](policy-csps-supported-by-hololens2.md) -#### [Policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite](policy-csps-supported-by-hololens-1st-gen-commercial-suite.md) -#### [Policies in Policy CSP supported by HoloLens (1st gen) Development Edition](policy-csps-supported-by-hololens-1st-gen-development-edition.md) -#### [Policies in Policy CSP supported by Windows 10 IoT Core](policy-csps-supported-by-iot-core.md) -#### [Policies in Policy CSP supported by Microsoft Surface Hub](policy-csps-supported-by-surface-hub.md) -#### [Policy CSPs that can be set using Exchange Active Sync (EAS)](policy-csps-that-can-be-set-using-eas.md) +#### [Policy CSP DDF file](policy-ddf-file.md) +#### [Policies in Policy CSP supported by Group Policy](policies-in-policy-csp-supported-by-group-policy.md) +#### [ADMX-backed policies in Policy CSP](policies-in-policy-csp-admx-backed.md) +#### [Policies in Policy CSP supported by HoloLens 2](policies-in-policy-csp-supported-by-hololens2.md) +#### [Policies in Policy CSP supported by HoloLens (1st gen) Commercial Suite](policies-in-policy-csp-supported-by-hololens-1st-gen-commercial-suite.md) +#### [Policies in Policy CSP supported by HoloLens (1st gen) Development Edition](policies-in-policy-csp-supported-by-hololens-1st-gen-development-edition.md) +#### [Policies in Policy CSP supported by Windows 10 IoT Enterprise](policies-in-policy-csp-supported-by-iot-enterprise.md) +#### [Policies in Policy CSP supported by Windows 10 IoT Core](policies-in-policy-csp-supported-by-iot-core.md) +#### [Policies in Policy CSP supported by Microsoft Surface Hub](policies-in-policy-csp-supported-by-surface-hub.md) +#### [Policy CSPs that can be set using Exchange Active Sync (EAS)](policies-in-policy-csp-that-can-be-set-using-eas.md) #### [AboveLock](policy-csp-abovelock.md) #### [Accounts](policy-csp-accounts.md) #### [ActiveXControls](policy-csp-activexcontrols.md)