deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-06-20 12:53:38 +00:00
Code Issues Actions 3 Packages Projects Releases Wiki Activity

Merge branch 'master' into MDBranch20H1PoliciesAudit

Browse Source
This commit is contained in:
ManikaDhiman
2019-09-24 14:00:59 -07:00
parent 6cc47dc5bb 1dc93010de
commit 41b9d5401f
6 changed files with 35 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
windows/release-information/windows-message-center.yml
View File

@ -50,9 +50,9 @@ sections:
text: "
<table border ='0'><tr><td width='80%'>Message</td><td width='20%'>Date</td></tr>
<tr><td><a href = 'https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-1367' target='_blank'><b>Advisory: Scripting Engine Memory Corruption Vulnerability (CVE-2019-1367)</b></a><br><div>On September 23, 2019, Microsoft released a security update to address a remote code execution vulnerability in the way the scripting engine handles objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could gain the same user permissions as the current user. For example, if a user is logged on with administrative rights, an attacker could take control of an affected system and install programs; view, change, or delete data; or create new accounts with full user rights.&nbsp;Alternatively, an attacker could host a specially crafted website targeting Internet Explorer and then entice a user to open web page or a malicious document attached to an e-mail. For more information about the vulnerability, see the Microsoft Security Guide&nbsp;<a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-1367\" target=\"_blank\">CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability.&nbsp;</a></div><div>&nbsp;</div><div>Mitigation for this vulnerability is available from the&nbsp;<a href=\"https://portal.msrc.microsoft.com\" target=\"_blank\">Microsoft Security Update Guide</a>. Additionally, on September 24, 2019, mitigation for this vulnerability will be available via Windows Update (WU) and Windows Server Update Services (WSUS) as part of the 9C optional update for all supported versions of Windows, with the exception of Windows 10, version 1903. For devices running Windows 10, version 1903, mitigation for this vulnerability will be available via Windows Update and WSUS as part of the optional 9D update (targeted for September 26, 2019.) You can get the update in Windows via <strong>Settings &gt; Windows Update &gt; Check for Updates</strong>. (Note: Because this update requires a reboot, we are making it optional to give customers and administrators a choice to install/deploy the update now.)</div><div><br></div><div>For the best protection, we recommend you apply the latest Windows updates and follow security best practices and do not open attachments or documents from an untrusted&nbsp;source. For more information about the vulnerability, see the Microsoft Security Guide:&nbsp;<a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-1367\" target=\"_blank\">CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability</a>.&nbsp;</div></td><td>September 24, 2019 <br>11:00 AM PT</td></tr>
<tr><td><b>Status update: September 2019 Windows \"C\" optional release available</b><br><div>The September 2019 optional monthly “C” release for all supported versions of Windows is now available. For more information on the different types of monthly quality updates, see our <a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow&nbsp;<a href=\"https://twitter.com/windowsupdate\" target=\"_blank\">@WindowsUpdate</a>&nbsp;for the latest on the availability of this release.</div></td><td>September 24, 2019 <br>08:10 AM PT</td></tr>
<tr><td><b>Plan for change: Windows Media Center Electronic Program Guide retiring in January 2020</b><br><div>Starting in January 2020, Microsoft is retiring its Electronic Program Guide (EPG) service for all versions of Windows Media Center. To continue receiving TV Program Guide information on your Windows Media Center, youll need to configure an alternate TV listing provider.</div></td><td>September 24, 2019 <br>08:00 AM PT</td></tr>
<tr><td><a href = 'https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-1367' target='_blank'><b>Advisory: Scripting Engine Memory Corruption Vulnerability (CVE-2019-1367)</b></a><br><div>On September 23, 2019, Microsoft released a security update to address a remote code execution vulnerability in the way the scripting engine handles objects in memory in Internet Explorer. An attacker who successfully exploited the vulnerability could gain the same user permissions as the current user. For example, if a user is logged on with administrative rights, an attacker could take control of an affected system and install programs; view, change, or delete data; or create new accounts with full user rights.&nbsp;Alternatively, an attacker could host a specially crafted website targeting Internet Explorer and then entice a user to open web page or a malicious document attached to an e-mail. For more information about the vulnerability, see the Microsoft Security Guide&nbsp;<a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-1367\" target=\"_blank\">CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability</a>.&nbsp;</div><div>&nbsp;</div><div>Mitigation for this vulnerability is available from the&nbsp;<a href=\"https://portal.msrc.microsoft.com\" target=\"_blank\">Microsoft Security Update Guide</a>. For the best protection, we recommend you apply the latest Windows updates and follow security best practices and do not open attachments or documents from an untrusted&nbsp;source. For more information about the vulnerability, see the Microsoft Security Guide:&nbsp;<a href=\"https://portal.msrc.microsoft.com/security-guidance/advisory/CVE-2019-1367\" target=\"_blank\">CVE-2019-1367 | Scripting Engine Memory Corruption Vulnerability</a>.&nbsp;</div></td><td>September 22, 2019 <br>11:00 AM PT</td></tr>
<tr><td><b>Status of September 2019 “C” release</b><br><div>The optional monthly “C” release for September 2019 for all supported versions of Windows and Windows Server prior to Windows 10, version 1903 and Windows Server, version 1903 will be available in the near term. For more information on the different types of monthly quality updates, see our&nbsp;<a href=\"https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-10-update-servicing-cadence/ba-p/222376\" target=\"_blank\">Windows 10 update servicing cadence primer</a>. Follow <a href=\"https://twitter.com/windowsupdate\" target=\"_blank\"><u>@WindowsUpdate</u></a> for the latest on the availability of this release.</div></td><td>September 19, 2019 <br>04:11 PM PT</td></tr>
<tr><td><b>Plan for change: End of service reminders for Windows 10, versions 1703 and 1803</b><br><div>The&nbsp;Enterprise and Education editions of Windows 10, version 1703 (the Creators Update)&nbsp;will reach end of service on October 8, 2019. The Home, Pro, Pro for Workstations, and IoT Core editions of&nbsp;Windows 10, version 1803&nbsp;(the April 2018 Update) will reach end of service on November 12, 2019. We recommend that you update&nbsp;devices running these versions and editions&nbsp;to the latest version of Windows 10—Windows 10, version 1903—as soon as possible to help keep them protected and your environments secure.</div></td><td>September 13, 2019 <br>03:23 PM PT</td></tr>
<tr><td><b>September 2019 security update available for all supported versions of Windows</b><br><div>The September 2019 security update release, referred to as our “B” release, is now available for Windows 10, version 1903 and all supported versions of Windows. We recommend that you install these updates promptly. To be informed about the latest updates and releases, follow us on Twitter&nbsp;<a href=\"https://twitter.com/windowsupdate\" target=\"_blank\">@WindowsUpdate</a>.</div></td><td>September 10, 2019 <br>09:34 AM PT</td></tr>

13
windows/security/threat-protection/microsoft-defender-atp/configuration-score.md
View File

@ -52,6 +52,19 @@ The goal is to remediate the issues in the security recommendations list to impr
See how you can [improve your security configuration](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios#improve-your-security-configuration), for details.
>[!IMPORTANT]
>To boost your vulnerability assessment detection rates, you can download the following set of optional security updates and deploy them in your network:
>- 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
>- RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
>- RS4 customers | [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
>- RS3 customers | [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
>
>To download the security updates:
>1. Go to [Microsoft Update Catalog](http://www.catalog.update.microsoft.com/home.aspx).
>2. Key-in the security update KB number that you need to download, then click **Search**.
>
>Downloading the above-mentioned security updates will be mandatory starting Patch Tuesday, October 8, 2019.
## Related topics
- [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md)
- [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md)

4
windows/security/threat-protection/microsoft-defender-atp/next-gen-threat-and-vuln-mgt.md
View File

@ -1,7 +1,7 @@
---
title: Next-generation Threat & Vulnerability Management
title: Threat & Vulnerability Management
description: This new capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
keywords: threat and vulnerability management, MDATP-TVM, vulnerability management, threat and vulnerability scanning
keywords: threat & vulnerability management, threat and vulnerability management, MDATP TVM, MDATP-TVM, vulnerability management, vulnerability assessment, threat and vulnerability scanning, secure configuration asessment, windows defender atp, microsoft defender atp, endpoint vulnerabilities
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10

2
windows/security/threat-protection/microsoft-defender-atp/preview.md
View File

@ -54,7 +54,7 @@ The following features are included in the preview release:
- [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac) <BR> Microsoft Defender ATP for Mac brings the next-generation protection, and endpoint detection and response coverage to Mac devices. Core components of the unified endpoint security platform will now be available for Mac devices.
- [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) <BR> A new built-in capability that uses a risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations.
- [Threat & Vulnerability Management Report inaccuracy](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation#report-inaccuracy) <BR> You can report a false positive when you see any vague, inaccurate, incomplete, or already remediated [security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation#report-inaccuracy), [software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory#report-inaccuracy), and [discovered vulnerabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses#report-inaccuracy).
- [Machine health and compliance report](machine-reports.md) The machine health and compliance report provides high-level information about the devices in your organization.

11
windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md
View File

@ -30,12 +30,19 @@ Ensure that your machines:
>Threat & Vulnerability Management can also scan machines that run on Windows 7 and Windows Server 2019 operating systems and detects vulnerabilities addressed in patch Tuesday.
- Have the following mandatory updates installed:
- (1) RS3 customers | [KB4493441](https://support.microsoft.com/en-us/help/4493441/windows-10-update-kb4493441)
- (2) RS4 customers | [KB4493464](https://support.microsoft.com/en-us/help/4493464)
- (1) RS3 customers | [KB4493441](https://support.microsoft.com/help/4493441/windows-10-update-kb4493441)
- (2) RS4 customers | [KB4493464](https://support.microsoft.com/help/4493464)
- Are onboarded to Microsoft Intune and System Center Configuration Manager (SCCM). If you are use SCCM, update your console to the latest May version 1905
- Have at least one security recommendation that can be viewed in the machine page
- Are tagged or marked as co-managed
>[!IMPORTANT]
>To boost your vulnerability assessment detection rates, you can download the following set of optional security updates and deploy them in your network:
>- 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
>- RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
>- RS4 customers | [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
>- RS3 customers | [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
><P>Downloading and deploying the above-mentioned security updates will be mandatory starting Patch Tuesday, October 8, 2019.
## Reduce your threat and vulnerability exposure
Threat & Vulnerability Management introduces a new exposure score metric, which visually represents how exposed your machines are to imminent threats.

8
windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses.md
View File

@ -25,6 +25,14 @@ Threat & Vulnerability Management leverages the same signals in Microsoft Defend
The **Weaknesses** page lists down the vulnerabilities found in the infected software running in your organization, their severity, Common Vulnerability Scoring System (CVSS) rating, its prevalence in your organization, corresponding breach, and threat insights.
>[!IMPORTANT]
>To boost your vulnerability assessment detection rates, you can download the following set of optional security updates and deploy them in your network:
>- 19H1 customers | [KB 4512941](https://support.microsoft.com/help/4512941/windows-10-update-kb4512941)
>- RS5 customers | [KB 4516077](https://support.microsoft.com/help/4516077/windows-10-update-kb4516077)
>- RS4 customers | [KB 4516045](https://support.microsoft.com/help/4516045/windows-10-update-kb4516045)
>- RS3 customers | [KB 4516071](https://support.microsoft.com/help/4516071/windows-10-update-kb4516071)
><P>Downloading the above-mentioned security updates will be mandatory starting Patch Tuesday, October 8, 2019.
## Navigate through your organization's weaknesses page
You can see the list of vulnerabilities in four ways: