diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 36aa92c294..f4ebcf787a 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -230,6 +230,7 @@ ### [Microsoft Defender Advanced Threat Protection for Linux](microsoft-defender-atp/microsoft-defender-atp-linux.md) +#### [What's New](microsoft-defender-atp/linux-whatsnew.md) #### [Deploy]() ##### [Manual deployment](microsoft-defender-atp/linux-install-manually.md) ##### [Puppet based deployment](microsoft-defender-atp/linux-install-with-puppet.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md index 088b47a20c..ef0797f456 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md @@ -41,10 +41,17 @@ The follow table shows the exclusion types supported by Microsoft Defender ATP f Exclusion | Definition | Examples ---|---|--- -File extension | All files with the extension, anywhere on the machine | .test -File | A specific file identified by the full path | /var/log/test.log -Folder | All files under the specified folder | /var/log/ -Process | A specific process (specified either by the full path or file name) and all files opened by it | /bin/cat
cat +File extension | All files with the extension, anywhere on the machine | `.test` +File | A specific file identified by the full path | `/var/log/test.log`
`/var/log/*.log`
`/var/log/install.?.log` +Folder | All files under the specified folder | `/var/log/`
`/var/*/` +Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`
`cat`
`c?t` + +File, folder, and process exclusions support the following wildcards: + +Wildcard | Description | Example | Matches +---|---|---|--- +\* | Matches any number of any characters including none | `/var/\*/\*.log` | `/var/log/system.log` +? | Matches any single character | `file?.log` | `file1.log`
`file2.log` ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md new file mode 100644 index 0000000000..9ebc453a7a --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md @@ -0,0 +1,27 @@ +--- +title: What's new in Microsoft Defender Advanced Threat Protection for Linux +description: List of major changes for Microsoft Defender ATP for Linux. +keywords: microsoft, defender, atp, linux, whatsnew, release +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: security +ms.sitesec: library +ms.pagetype: security +ms.author: dansimp +author: dansimp +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual +--- + +# What's new in Microsoft Defender Advanced Threat Protection for Linux + +## 100.90.70 + +- Antivirus [exclusions now support wildcards](linux-exclusions.md#supported-exclusion-types) +- Added the ability to [troubleshoot performance issues](linux-support-perf.md) through the `mdatp` command-line tool +- Improvements to make the package installation more robust +- Performance improvements & bug fixes diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index 4ac890ab74..7e0983fb5f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md 
@@ -41,10 +41,10 @@ The follow table shows the exclusion types supported by Microsoft Defender ATP f Exclusion | Definition | Examples ---|---|--- -File extension | All files with the extension, anywhere on the machine | .test -File | A specific file identified by the full path | /var/log/test.log -Folder | All files under the specified folder | /var/log/ -Process | A specific process (specified either by the full path or file name) and all files opened by it | /bin/cat
cat +File extension | All files with the extension, anywhere on the machine | `.test` +File | A specific file identified by the full path | `/var/log/test.log` +Folder | All files under the specified folder | `/var/log/` +Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`
`cat` ## How to configure the list of exclusions
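Review bot: In the TOC.md hunk, the new entry `#### [What's New](microsoft-defender-atp/linux-whatsnew.md)` uses title case, while the neighbouring entries visible in the same hunk use sentence case (`Manual deployment`, `Puppet based deployment`). Suggest `What's new`, which also matches the H1 of the new linux-whatsnew.md page.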
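Review bot: In the linux-exclusions.md hunk, the `*` row of the new wildcard table writes its example as `/var/\*/\*.log` inside a code span, where backslashes render literally, so readers will see the backslashes and may copy them into an exclusion. The escape is only needed for the bare `\*` in the first column; the example should read `/var/*/*.log`. The new text also does not say whether `*` can match across a `/` path separator, and the single match shown (`/var/log/system.log`) does not settle it. Since that determines how much of the filesystem an entry like `/var/*/` leaves unscanned, please state it explicitly and give one matching and one non-matching path. Likewise, say whether a name-only process pattern such as `c?t` applies regardless of where the binary is located.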
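Review bot: In the new linux-whatsnew.md, the second bullet links to `linux-support-perf.md`, but this patch neither adds that file nor lists it in the TOC.md hunk. Please confirm the page already exists or include it here, otherwise the link will be broken on publish. The same check applies to the `#supported-exclusion-types` anchor in the first bullet, since the heading it targets is not visible in the linux-exclusions.md hunk. A release date next to `## 100.90.70` would also help readers relate the entry to the version they have deployed.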
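Review bot: In the mac-exclusions.md hunk, the table only gains code formatting and keeps the literal examples (`/var/log/test.log`, `/var/log/`, `/bin/cat`, `cat`), while the otherwise parallel Linux table in this patch gains wildcard examples and a wildcard section. If wildcards are not supported in macOS exclusions, a sentence saying so would stop readers from assuming parity and writing patterns that exclude nothing, or something other than what they intended; if they are supported, the same rows and wildcard table belong here too.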