From 48575038bb73545e3a545034e352b67e72d0385b Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Fri, 31 Jan 2020 11:50:40 -0800 Subject: [PATCH] Release notes for 1912-2 --- .../microsoft-defender-atp/mac-preferences.md | 54 +++++++++++++++++++ .../microsoft-defender-atp/mac-whatsnew.md | 6 +++ 2 files changed, 60 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md index 85deccc918..b9a690f1e2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md @@ -80,6 +80,18 @@ Specify whether the antivirus engine runs in passive mode. Passive mode has the | **Possible values** | false (default)
true | | **Comments** | Available in Microsoft Defender ATP version 100.67.60 or higher. | +#### Exclusion merge policy + +Specify the merge policy for exclusions. This can be a combination of administrator-defined and user-defined exclusions (`merge`) or only administrator-defined exclusions (`admin_only`). This setting can be used to restrict local users from defining their own exclusions. + +||| +|:---|:---| +| **Domain** | `com.microsoft.wdav` | +| **Key** | exclusionsMergePolicy | +| **Data type** | String | +| **Possible values** | merge (default)
admin_only | +| **Comments** | Available in Microsoft Defender ATP version 100.83.73 or higher. | + #### Scan exclusions Specify entities excluded from being scanned. Exclusions can be specified by full paths, extensions, or file names. @@ -160,6 +172,18 @@ Specify threats by name that are not blocked by Microsoft Defender ATP for Mac. | **Key** | allowedThreats | | **Data type** | Array of strings | +#### Disallowed threat actions + +Restricts the actions that the local user of a device can take when threats are detected. The actions included in this list are not displayed in the user interface. + +||| +|:---|:---| +| **Domain** | `com.microsoft.wdav` | +| **Key** | disallowedThreatActions | +| **Data type** | Array of strings | +| **Possible values** | allow (restricts users from allowing threats)
restore (restricts users from restoring threats from the quarantine) | +| **Comments** | Available in Microsoft Defender ATP version 100.83.73 or higher. | + #### Threat type settings Specify how certain threat types are handled by Microsoft Defender ATP for Mac. @@ -197,6 +221,18 @@ Specify what action to take when a threat of the type specified in the preceding | **Data type** | String | | **Possible values** | audit (default)
block
off | +#### Threat type settings merge policy + +Specify the merge policy for threat type settings. This can be a combination of administrator-defined and user-defined settings (`merge`) or only administrator-defined settings (`admin_only`). This setting can be used to restrict local users from defining their own settings for different threat types. + +||| +|:---|:---| +| **Domain** | `com.microsoft.wdav` | +| **Key** | threatTypeSettingsMergePolicy | +| **Data type** | String | +| **Possible values** | merge (default)
admin_only | +| **Comments** | Available in Microsoft Defender ATP version 100.83.73 or higher. | + ### Cloud-delivered protection preferences Configure the cloud-driven protection features of Microsoft Defender ATP for Mac. @@ -483,10 +519,17 @@ The following configuration profile contains entries for all settings described pdf + exclusionsMergePolicy + merge allowedThreats EICAR-Test-File (not a virus) + disallowedThreatActions + + allow + restore + threatTypeSettings @@ -502,6 +545,8 @@ The following configuration profile contains entries for all settings described audit + threatTypeSettingsMergePolicy + merge cloudService @@ -594,10 +639,17 @@ The following configuration profile contains entries for all settings described pdf + exclusionsMergePolicy + merge allowedThreats EICAR-Test-File (not a virus) + disallowedThreatActions + + allow + restore + threatTypeSettings @@ -613,6 +665,8 @@ The following configuration profile contains entries for all settings described audit + threatTypeSettingsMergePolicy + merge cloudService diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index 43323ca96d..34df1f32fc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -19,6 +19,12 @@ ms.topic: conceptual # What's new in Microsoft Defender Advanced Threat Protection for Mac +## 100.83.73 + +- Added more controls for IT administrators around [management of exclusions](mac-preferences.md#exclusion-merge-policy), [management of threat type settings](mac-preferences.md#threat-type-settings-merge-policy), and [disallowed threat actions](mac-preferences.md#disallowed-threat-actions) +- When Full Disk Access is not enabled on the device, a warning is now displayed in the status menu +- Performance improvements & bug fixes + ## 100.82.60 - Addressed an issue where the product fails to start following a definition update.