diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_32_Main_App_Fix.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_32_Main_App_Fix.png new file mode 100644 index 0000000000..1d68a3dcce Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_32_Main_App_Fix.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_33_SecurityPrivacySettings_NoPrompt.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_33_SecurityPrivacySettings_NoPrompt.png new file mode 100644 index 0000000000..03fa2f0b9c Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_33_SecurityPrivacySettings_NoPrompt.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_34_MAU.png b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_34_MAU.png new file mode 100644 index 0000000000..99e4d16920 Binary files /dev/null and b/windows/security/threat-protection/windows-defender-antivirus/images/MDATP_34_MAU.png differ diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md index c261037801..da0118cedb 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md @@ -25,7 +25,7 @@ ms.topic: conceptual [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. +>This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. ## Prerequisites and system requirements @@ -79,7 +79,62 @@ To complete this process, you must have admin privileges on the machine. The installation will proceed. > [!NOTE] -> If you don't select **Allow**, the installation will fail after 5 minutes. You can restart it again at any time. +> If you don't select **Allow**, the installation will proceed after 5 minutes. Defender ATP will be loaded, but real-time protection will be disabled. + +### Fixing disabled Real Time Protection + +If you did not enable Microsoft's driver during installation, then Defender's application will display a banner prompting you to enable it: + + ![RTP disabled screenshot](images/MDATP_32_Main_App_Fix.png) + +You can also run ```mdatp --health```. It will report if Real Time Protection is enabled but not available: + +```bash +mavel-mojave:~ testuser$ mdatp --health +... +realTimeProtectionAvailable : false +realTimeProtectionEnabled : true +... +``` + +> [!NOTE] +> You have a 30 minute window to enable Real Time Protection from the warning banner, immediately following installation. + +The warning banner containing a **Fix** button, which allows you to quickly enable Real Time Protection, without having to open a command prompt. Select the **Fix** button. It will prompt the **Security & Privacy** system window, where you will have to **Allow** system software from developers "Microsoft Corporation". + +If you don't see a prompt, it means that 30 or more minutes have already passed, and Real Time Protection has still not been enabled: + +![Security and privacy window after prompt expired screenshot](images/MDATP_33_SecurityPrivacySettings_NoPrompt.png) + +In this case, you will need to perform the following steps to enable Real Time Protection instead. + +1. In Terminal, attempt to install the driver. (The operation will fail) + ```bash + mavel-mojave:~ testuser$ sudo kextutil /Library/Extensions/wdavkext.kext + Kext rejected due to system policy: { URL = "file:///Library/StagedExtensions/Library/Extensions/wdavkext.kext/", ID = "com.microsoft.wdavkext" } + Kext rejected due to system policy: { URL = "file:///Library/StagedExtensions/Library/Extensions/wdavkext.kext/", ID = "com.microsoft.wdavkext" } + Diagnostics for /Library/Extensions/wdavkext.kext: + ``` + +2. Open **System Preferences...** > **Security & Privacy** from the menu. (Close it first, if it's opened.) + +3. **Allow** system software from developers "Microsoft Corporation" + +4. In Terminal, install the driver again. This time the operation will succeed: + +```bash +mavel-mojave:~ testuser$ sudo kextutil /Library/Extensions/wdavkext.kext +``` + +The banner should disappear from the Defender application, and ```mdatp --health``` should now report that Real Time Protection is both enabled and available: + +```bash +mavel-mojave:~ testuser$ mdatp --health +... +realTimeProtectionAvailable : true +realTimeProtectionEnabled : true +... +``` ## Client configuration diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md index 6f3b99dc46..add0f3f650 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md @@ -25,7 +25,7 @@ ms.topic: conceptual [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. +>This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. ## Prerequisites and system requirements diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md index b7524656f9..57f36fcbf5 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md @@ -25,7 +25,7 @@ ms.topic: conceptual [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. +>This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. ## Prerequisites and system requirements diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md index 5bdebb3c04..f994a4d7d4 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md @@ -23,7 +23,7 @@ ms.topic: conceptual - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) >[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. +>This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. ## Prerequisites and system requirements diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md index 3b68d01cfd..8341a2e601 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md @@ -25,7 +25,7 @@ ms.topic: conceptual [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md) >[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. +>This topic relates to the pre-release version of Microsoft Defender ATP for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. ## Collecting diagnostic information @@ -66,6 +66,16 @@ If an error occurs during installation, the installer will only report a general The detailed log will be saved to /Library/Logs/Microsoft/wdav.install.log. If you experience issues during installation, send us this file so we can help diagnose the cause. +## Upgrade + +We distribute our updates via Microsoft Auto Update (MAU). You can check for MAU settings in main application's menu (Help => Check For Product Updates...): + + ![MAU screenshot](images/MDATP_34_MAU.png) + +**Q**: Can MDATP for Mac be updated without MAU? + +**A**: In the current release, MDATP for Mac product updates are done via MAU. While advanced manageability experts may be able to set up the product updates without MAU, this scenario is not explicitly supported. We will monitor customer interest in this scenario to evaluate its importance relative to other product advancements. + ## Uninstalling There are several ways to uninstall Microsoft Defender ATP for Mac. Please note that while centrally managed uninstall is available on JAMF, it is not yet available for Microsoft Intune. diff --git a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md index b3ad2a2c8c..6794868296 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md @@ -21,7 +21,7 @@ ms.topic: conceptual # Microsoft Defender Advanced Threat Protection for Mac >[!IMPORTANT] ->This topic relates to the pre-release version of Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac. Microsoft Defender ATP for Mac is not yet widely available, and this topic only applies to enterprise customers who have been accepted into the preview program. Microsoft makes no warranties, express or implied, with respect to the information provided here. +>This topic relates to the pre-release version of Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac. Microsoft Defender ATP for Mac is not yet widely available. Microsoft makes no warranties, express or implied, with respect to the information provided here. This topic describes how to install and use Microsoft Defender ATP for Mac.