From e5a2f35ae6c8e344be56c43231d7f756359f1b25 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 2 Apr 2020 16:52:24 -0700 Subject: [PATCH 1/5] Add release notes for 100.90.70 --- .../linux-exclusions.md | 13 ++++++--- .../microsoft-defender-atp/linux-whatsnew.md | 27 +++++++++++++++++++ 2 files changed, 37 insertions(+), 3 deletions(-) create mode 100644 windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md index 088b47a20c..dbd6c02b98 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md @@ -42,9 +42,16 @@ The follow table shows the exclusion types supported by Microsoft Defender ATP f Exclusion | Definition | Examples ---|---|--- File extension | All files with the extension, anywhere on the machine | .test -File | A specific file identified by the full path | /var/log/test.log -Folder | All files under the specified folder | /var/log/ -Process | A specific process (specified either by the full path or file name) and all files opened by it | /bin/cat
cat +File | A specific file identified by the full path | /var/log/test.log
/var/log/*.log
/var/log/install.?.log +Folder | All files under the specified folder | /var/log/
/var/*/ +Process | A specific process (specified either by the full path or file name) and all files opened by it | /bin/cat
cat
c?t + +File, folder, and process exclusions support the following wilcards: + +Wildcard | Description | Example | Matches +---|---|---|--- +\* | Matches any number of any characters including none | /var/\*/\*.log | /var/log/system.log +? | Matches any single character | file?.log | file1.log
file2.log ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md new file mode 100644 index 0000000000..9ebc453a7a --- /dev/null +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md @@ -0,0 +1,27 @@ +--- +title: What's new in Microsoft Defender Advanced Threat Protection for Linux +description: List of major changes for Microsoft Defender ATP for Linux. +keywords: microsoft, defender, atp, linux, whatsnew, release +search.product: eADQiWindows 10XVcnh +search.appverid: met150 +ms.prod: w10 +ms.mktglfcycl: security +ms.sitesec: library +ms.pagetype: security +ms.author: dansimp +author: dansimp +ms.localizationpriority: medium +manager: dansimp +audience: ITPro +ms.collection: M365-security-compliance +ms.topic: conceptual +--- + +# What's new in Microsoft Defender Advanced Threat Protection for Linux + +## 100.90.70 + +- Antivirus [exclusions now support wildcards](linux-exclusions.md#supported-exclusion-types) +- Added the ability to [troubleshoot performance issues](linux-support-perf.md) through the `mdatp` command-line tool +- Improvements to make the package installation more robust +- Performance improvements & bug fixes From 6408df8b3ed68f0324896eb311af4c7064976439 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 2 Apr 2020 16:54:06 -0700 Subject: [PATCH 2/5] Update TOC --- windows/security/threat-protection/TOC.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index f155348283..22fa95d3d8 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md 
@@ -228,6 +228,7 @@ ### [Microsoft Defender Advanced Threat Protection for Linux](microsoft-defender-atp/microsoft-defender-atp-linux.md) +#### [What's New](microsoft-defender-atp/linux-whatsnew.md) #### [Deploy]() ##### [Manual deployment](microsoft-defender-atp/linux-install-manually.md) ##### [Puppet based deployment](microsoft-defender-atp/linux-install-with-puppet.md) From 4c90d09448983a3d507334f8c09eb3e2e3722550 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 2 Apr 2020 17:19:08 -0700 Subject: [PATCH 3/5] Make Acrolinx happy --- .../microsoft-defender-atp/linux-exclusions.md | 14 +++++++------- .../microsoft-defender-atp/mac-exclusions.md | 8 ++++---- 2 files changed, 11 insertions(+), 11 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md index dbd6c02b98..ef0797f456 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md @@ -41,17 +41,17 @@ The follow table shows the exclusion types supported by Microsoft Defender ATP f Exclusion | Definition | Examples ---|---|--- -File extension | All files with the extension, anywhere on the machine | .test -File | A specific file identified by the full path | /var/log/test.log
/var/log/*.log
/var/log/install.?.log -Folder | All files under the specified folder | /var/log/
/var/*/ -Process | A specific process (specified either by the full path or file name) and all files opened by it | /bin/cat
cat
c?t +File extension | All files with the extension, anywhere on the machine | `.test` +File | A specific file identified by the full path | `/var/log/test.log`
`/var/log/*.log`
`/var/log/install.?.log` +Folder | All files under the specified folder | `/var/log/`
`/var/*/` +Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`
`cat`
`c?t` -File, folder, and process exclusions support the following wilcards: +File, folder, and process exclusions support the following wildcards: Wildcard | Description | Example | Matches ---|---|---|--- -\* | Matches any number of any characters including none | /var/\*/\*.log | /var/log/system.log -? | Matches any single character | file?.log | file1.log
file2.log +\* | Matches any number of any characters including none | `/var/\*/\*.log` | `/var/log/system.log` +? | Matches any single character | `file?.log` | `file1.log`
`file2.log` ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index 4ac890ab74..7e0983fb5f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md @@ -41,10 +41,10 @@ The follow table shows the exclusion types supported by Microsoft Defender ATP f Exclusion | Definition | Examples ---|---|--- -File extension | All files with the extension, anywhere on the machine | .test -File | A specific file identified by the full path | /var/log/test.log -Folder | All files under the specified folder | /var/log/ -Process | A specific process (specified either by the full path or file name) and all files opened by it | /bin/cat
cat +File extension | All files with the extension, anywhere on the machine | `.test` +File | A specific file identified by the full path | `/var/log/test.log` +Folder | All files under the specified folder | `/var/log/` +Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`
`cat` ## How to configure the list of exclusions From 2b9f9349b1189b02ee8872543da6ff5338793fb0 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 2 Apr 2020 17:22:00 -0700 Subject: [PATCH 4/5] Updated TOC --- windows/security/threat-protection/TOC.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 22fa95d3d8..81198f6218 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -228,7 +228,7 @@ ### [Microsoft Defender Advanced Threat Protection for Linux](microsoft-defender-atp/microsoft-defender-atp-linux.md) -#### [What's New](microsoft-defender-atp/linux-whatsnew.md) +#### [What's New](microsoft-defender-atp/mac-whatsnew.md) #### [Deploy]() ##### [Manual deployment](microsoft-defender-atp/linux-install-manually.md) ##### [Puppet based deployment](microsoft-defender-atp/linux-install-with-puppet.md) From dca10fb7711b564b3cc59c8f4eadbfc73ac2229f Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 2 Apr 2020 17:23:18 -0700 Subject: [PATCH 5/5] One more try --- windows/security/threat-protection/TOC.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/TOC.md b/windows/security/threat-protection/TOC.md index 81198f6218..26df1d541e 100644 --- a/windows/security/threat-protection/TOC.md +++ b/windows/security/threat-protection/TOC.md @@ -228,7 +228,7 @@ ### [Microsoft Defender Advanced Threat Protection for Linux](microsoft-defender-atp/microsoft-defender-atp-linux.md) -#### [What's New](microsoft-defender-atp/mac-whatsnew.md) +#### [What's New](microsoft-defender-atp/linux-whatsnew.md) #### [Deploy]() ##### [Manual deployment](microsoft-defender-atp/linux-install-manually.md) ##### [Puppet based deployment](microsoft-defender-atp/linux-install-with-puppet.md)
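Review bot: In the linux-exclusions.md hunk of patch 1/5 (`@@ -42,9 +42,16 @@`), the new wildcard table never says whether `*` can match the `/` path separator. The description "Matches any number of any characters including none" with the example `/var/*/*.log` leaves open whether a deeper path such as `/var/a/b/c.log` is also excluded. That determines how much of the filesystem an exclusion removes from scanning, so please state it explicitly in the Description column. In the same hunk, the File row still defines the exclusion as "A specific file identified by the full path" while its examples now include `/var/log/*.log` and `/var/log/install.?.log`, which match many files; the definition should mention wildcard patterns. The added sentence also misspells "wildcards" as "wilcards"; the correction lands in 3/5 and could be folded into this patch.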
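Review bot: In the new linux-whatsnew.md of patch 1/5, the second bullet links to `linux-support-perf.md`, but the diffstat for this series touches only linux-exclusions.md, linux-whatsnew.md, mac-exclusions.md and TOC.md, so please confirm that target already exists on the branch or add it here. The front matter also sets `ms.prod: w10` and `search.product: eADQiWindows 10XVcnh` on a Linux page; confirm those values are intended for this product.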
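Review bot: In the linux-exclusions.md hunk of patch 3/5, the wildcard row wraps the example in backticks but keeps the Markdown escapes, giving `/var/\*/\*.log`. Backslashes are literal inside a code span, so the rendered example will show the backslashes and no longer match the stated result `/var/log/system.log`; drop them so the cell reads `/var/*/*.log`, as the File and Folder rows above already do. The context line in the hunk headers of both linux-exclusions.md and mac-exclusions.md also still reads "The follow table shows"; since this patch is a wording cleanup, "following" could be fixed here too.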
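Review bot: In the TOC.md hunks of patches 4/5 and 5/5, the link under the Linux section is changed to `microsoft-defender-atp/mac-whatsnew.md` and then changed back to `microsoft-defender-atp/linux-whatsnew.md`, so the two patches cancel out and leave the state from 2/5. Please drop both or squash them into 2/5, and replace the subjects "Updated TOC" and "One more try" with a message that says what was being attempted. The entry added in 2/5 is titled "What's New" while the page heading added in 1/5 is "What's new in Microsoft Defender Advanced Threat Protection for Linux"; pick one capitalization.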