mirror of
https://github.com/MicrosoftDocs/windows-itpro-docs.git
synced 2025-06-19 04:13:41 +00:00
Merge branch 'master' of https://cpubwin.visualstudio.com/_git/it-client into FromPrivateRepo
This commit is contained in:
Alma Jenks
@ -27,6 +27,9 @@ To avoid the automatic encryption of data, developers can enlighten apps by addi
|
||||
|
||||
We strongly suggest that the only unenlightened apps you add to your allowed apps list are Line-of-Business (LOB) apps.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>After revoking WIP, unenlightened apps will have to be uninstalled and re-installed since their settings files will remain encrypted.
|
||||
|
||||
>[!Note]
|
||||
>For more info about creating enlightened apps, see the [Windows Information Protection (WIP)](https://msdn.microsoft.com/en-us/windows/uwp/enterprise/wip-hub) topic in the Windows Dev Center.
|
||||
|
||||
|
||||
@ -509,6 +509,9 @@ To configure WIP to use Azure Rights Management, you must set the **AllowAzureRM
|
||||
|
||||
Optionally, if you don’t want everyone in your organization to be able to share your enterprise data, you can set the **RMSTemplateIDForEDP** MDM setting to the **TemplateID** of the Azure Rights Management template used to encrypt the data. You must make sure to mark the template with the **EditRightsData** option.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>Curly braces -- {} -- are required around the RMS Template ID.
|
||||
|
||||
>[!NOTE]
|
||||
>For more info about setting the **AllowAzureRMSForEDP** and the **RMSTemplateIDForEDP** MDM settings, see the [EnterpriseDataProtection CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/enterprisedataprotection-csp) topic. For more info about setting up and using a custom template, see [Configuring custom templates for the Azure Rights Management service](https://docs.microsoft.com/en-us/information-protection/deploy-use/configure-custom-templates) topic.
|
||||
|
||||
|
||||
@ -420,6 +420,9 @@ To configure WIP to use Azure Rights Management, you must set the **AllowAzureRM
|
||||
|
||||
Optionally, if you don’t want everyone in your organization to be able to share your enterprise data, you can set the **RMSTemplateIDForEDP** MDM setting to the **TemplateID** of the Azure Rights Management template used to encrypt the data. You must make sure to mark the template with the **EditRightsData** option.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>Curly braces -- {} -- are required around the RMS Template ID.
|
||||
|
||||
>[!NOTE]
|
||||
>For more info about setting the **AllowAzureRMSForEDP** and the **RMSTemplateIDForEDP** MDM settings, see the [EnterpriseDataProtection CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/enterprisedataprotection-csp) topic. For more info about setting up and using a custom template, see [Configuring custom templates for the Azure Rights Management service](https://docs.microsoft.com/en-us/information-protection/deploy-use/configure-custom-templates) topic.
|
||||
|
||||
|
||||
@ -555,6 +555,9 @@ To configure WIP to use Azure Rights Management, you must set the **AllowAzureRM
|
||||
|
||||
Optionally, if you don’t want everyone in your organization to be able to share your enterprise data, you can set the **RMSTemplateIDForEDP** MDM setting to the **TemplateID** of the Azure Rights Management template used to encrypt the data. You must make sure to mark the template with the **EditRightsData** option.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>Curly braces -- {} -- are required around the RMS Template ID.
|
||||
|
||||
>[!NOTE]
|
||||
>For more info about setting the **AllowAzureRMSForEDP** and the **RMSTemplateIDForEDP** MDM settings, see the [EnterpriseDataProtection CSP](https://msdn.microsoft.com/windows/hardware/commercialize/customize/mdm/enterprisedataprotection-csp) topic. For more info about setting up and using a custom template, see [Configuring custom templates for the Azure Rights Management service](https://docs.microsoft.com/en-us/information-protection/deploy-use/configure-custom-templates) topic.
|
||||
|
||||
|
||||
@ -23,6 +23,9 @@ We've come up with a list of suggested testing scenarios that you can use to tes
|
||||
## Testing scenarios
|
||||
You can try any of the processes included in these scenarios, but you should focus on the ones that you might encounter in your organization.
|
||||
|
||||
>[!IMPORTANT]
|
||||
>If any of these scenarios does not work, first take note of whether WIP has been revoked. If it has, unenlightened apps will have to be uninstalled and re-installed since their settings files will remain encrypted.
|
||||
|
||||
<table>
|
||||
<tr>
|
||||
<th>Scenario</th>
|
||||
@ -152,7 +155,7 @@ You can try any of the processes included in these scenarios, but you should foc
|
||||
<td>Unenroll client devices from WIP.</td>
|
||||
<td>
|
||||
<ul>
|
||||
<li>Unenroll a device from WIP by going to <strong>Settings</strong>, click <strong>Accounts</strong>, click <strong>Work</strong>, click the name of the device you want to unenroll, and then click <strong>Remove</strong>.<br>The device should be removed and all of the enterprise content for that managed account should be gone.<br><br><strong>Important</strong><br>On desktop devices, the data isn't removed and can be recovered, so you must make sure they content is marked as <strong>Revoked</strong> and that access is denied for the employee. On mobile devices, the data is removed.</li>
|
||||
<li>Unenroll a device from WIP by going to <strong>Settings</strong>, click <strong>Accounts</strong>, click <strong>Work</strong>, click the name of the device you want to unenroll, and then click <strong>Remove</strong>.<br>The device should be removed and all of the enterprise content for that managed account should be gone.<br><br><strong>Important</strong><br>On desktop devices, the data isn't removed and can be recovered, so you must make sure the content is marked as <strong>Revoked</strong> and that access is denied for the employee. On mobile devices, the data is removed.</li>
|
||||
</ul>
|
||||
</td>
|
||||
</tr>
|
||||
|
||||
@ -4,12 +4,14 @@
|
||||
## [The Windows Defender Security Center app](windows-defender-security-center/windows-defender-security-center.md)
|
||||
### [Customize the Windows Defender Security Center app for your organization](windows-defender-security-center/wdsc-customize-contact-information.md)
|
||||
### [Hide Windows Defender Security Center app notifications](windows-defender-security-center/wdsc-hide-notifications.md)
|
||||
### [Manage Windows Defender Security Center in Windows 10 in S mode](windows-defender-security-center\wdsc-windows-10-in-s-mode.md)
|
||||
### [Virus and threat protection](windows-defender-security-center/wdsc-virus-threat-protection.md)
|
||||
### [Device performance and health](windows-defender-security-center/wdsc-device-performance-health.md)
|
||||
### [Firewall and network protection](windows-defender-security-center/wdsc-firewall-network-protection.md)
|
||||
### [App and browser control](windows-defender-security-center/wdsc-app-browser-control.md)
|
||||
### [Family options](windows-defender-security-center/wdsc-family-options.md)
|
||||
|
||||
### [Account protection](windows-defender-security-center\wdsc-account-protection.md)
|
||||
### [Firewall and network protection](windows-defender-security-center\wdsc-firewall-network-protection.md)
|
||||
### [App and browser control](windows-defender-security-center\wdsc-app-browser-control.md)
|
||||
### [Device security](windows-defender-security-center\wdsc-device-security.md)
|
||||
### [Device performance and health](windows-defender-security-center\wdsc-device-performance-health.md)
|
||||
### [Family options](windows-defender-security-center\wdsc-family-options.md)
|
||||
|
||||
|
||||
|
||||
|
||||
@ -7,7 +7,7 @@ ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: high
|
||||
ms.author: sagaudre
|
||||
author: brianlic-msft
|
||||
ms.date: 10/23/2017
|
||||
ms.date: 05/01/2018
|
||||
---
|
||||
|
||||
# Get Support
|
||||
|
||||
@ -7,7 +7,7 @@ ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: high
|
||||
ms.author: sagaudre
|
||||
author: brianlic-msft
|
||||
ms.date: 02/16/2018
|
||||
ms.date: 05/01/2018
|
||||
---
|
||||
|
||||
# Microsoft Security Compliance Toolkit 1.0
|
||||
@ -22,8 +22,9 @@ The SCT enables administrators to effectively manage their enterprise’s Group
|
||||
The Security Compliance Toolkit consists of:
|
||||
|
||||
- Windows 10 Security Baselines
|
||||
- Windows 10 Version 1803 (April 2018 Update)
|
||||
- Windows 10 Version 1709 (Fall Creators Update)
|
||||
- Windows 10 Version 1703 (Creators Update)
|
||||
- Windows 10 Version 1703 (Creators Update)
|
||||
- Windows 10 Version 1607 (Anniversary Update)
|
||||
- Windows 10 Version 1511 (November Update)
|
||||
- Windows 10 Version 1507
|
||||
@ -40,7 +41,7 @@ The Security Compliance Toolkit consists of:
|
||||
- Local Group Policy Object (LGPO) tool
|
||||
|
||||
|
||||
You can [download the tools](https://www.microsoft.com/download/details.aspx?id=55319) along with the baselines for the relevant Windows versions.
|
||||
You can [download the tools](https://www.microsoft.com/download/details.aspx?id=55319) along with the baselines for the relevant Windows versions. For more details about security baseline recommendations, see the [Microsoft Security Guidance blog](https://blogs.technet.microsoft.com/secguide/).
|
||||
|
||||
## What is the Policy Analyzer tool?
|
||||
|
||||
@ -52,7 +53,7 @@ The Policy Analyzer is a utility for analyzing and comparing sets of Group Polic
|
||||
|
||||
Policy Analyzer lets you treat a set of GPOs as a single unit. This makes it easy to determine whether particular settings are duplicated across the GPOs or are set to conflicting values. Policy Analyzer also lets you capture a baseline and then compare it to a snapshot taken at a later time to identify changes anywhere across the set.
|
||||
|
||||
More information on the Policy Analyzer tool can be found on the [Security Guidance blog](https://blogs.technet.microsoft.com/secguide/2016/01/22/new-tool-policy-analyzer/) or by [downloading the tool](https://www.microsoft.com/download/details.aspx?id=55319).
|
||||
More information on the Policy Analyzer tool can be found on the [Microsoft Security Guidance blog](https://blogs.technet.microsoft.com/secguide/2016/01/22/new-tool-policy-analyzer/) or by [downloading the tool](https://www.microsoft.com/download/details.aspx?id=55319).
|
||||
|
||||
## What is the Local Group Policy Object (LGPO) tool?
|
||||
|
||||
@ -62,4 +63,4 @@ LGPO.exe can import and apply settings from Registry Policy (Registry.pol) files
|
||||
It can export local policy to a GPO backup.
|
||||
It can export the contents of a Registry Policy file to the “LGPO text” format that can then be edited, and can build a Registry Policy file from an LGPO text file.
|
||||
|
||||
Documentation for the LGPO tool can be found on the [Security Guidance blog](https://blogs.technet.microsoft.com/secguide/2016/01/21/lgpo-exe-local-group-policy-object-utility-v1-0/) or by [downloading the tool](https://www.microsoft.com/download/details.aspx?id=55319).
|
||||
Documentation for the LGPO tool can be found on the [Microsoft Security Guidance blog](https://blogs.technet.microsoft.com/secguide/2016/01/21/lgpo-exe-local-group-policy-object-utility-v1-0/) or by [downloading the tool](https://www.microsoft.com/download/details.aspx?id=55319).
|
||||
@ -38,9 +38,7 @@ To configure the Group Policy settings described in the following table:
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
|
||||
|
||||
|
||||
@ -54,7 +54,9 @@ You can also [customize the message displayed on users' desktops](https://docs.m
|
||||
|
||||
When a Windows Defender Antivirus client encounters a suspicious but undetected file, it queries our cloud protection backend. The cloud backend will apply heuristics, machine learning, and automated analysis of the file to determine the files as malicious or clean.
|
||||
|
||||
The Block at First Sight feature only uses the cloud protection backend for executable files and non-portable executable files (such as JS, VBS, or macros) that are downloaded from the Internet, or originating from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
|
||||
In Windows 10, version 1803, the Block at First Sight feature can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
|
||||
|
||||
The Block at First Sight feature only uses the cloud protection backend for executable files and non-portable executable files that are downloaded from the Internet, or originating from the Internet zone. A hash value of the .exe file is checked via the cloud backend to determine if this is a previously undetected file.
|
||||
|
||||
|
||||
|
||||
@ -73,9 +75,7 @@ Block at First Sight requires a number of Group Policy settings to be configured
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > MAPS** and configure the following Group Policies:
|
||||
|
||||
|
||||
@ -53,9 +53,7 @@ You can use Group Policy to specify an extended timeout for cloud checks.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
2. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
3. Click **Administrative templates**.
|
||||
2. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
4. Expand the tree to **Windows components > Windows Defender Antivirus > MpEngine**
|
||||
|
||||
|
||||
@ -97,9 +97,7 @@ You can [configure how locally and globally defined exclusions lists are merged]
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
|
||||
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/17/2018
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Prevent or allow users to locally modify Windows Defender AV policy settings
|
||||
@ -45,9 +45,7 @@ To configure these settings:
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
|
||||
|
||||
@ -89,9 +87,7 @@ You can disable this setting to ensure that only globally defined lists (such as
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus**.
|
||||
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/04/2018
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Configure and validate network connections for Windows Defender Antivirus
|
||||
@ -19,7 +19,7 @@ ms.date: 04/04/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10 (some instructions are only applicable for Windows 10, version 1703)
|
||||
- Windows 10 (some instructions are only applicable for Windows 10, version 1703 or later)
|
||||
|
||||
**Audience**
|
||||
|
||||
|
||||
@ -88,9 +88,7 @@ See the [Customize the Windows Defender Security Center app for your organizatio
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Client interface**.
|
||||
|
||||
|
||||
@ -71,9 +71,7 @@ You can [configure how locally and globally defined exclusions lists are merged]
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
|
||||
|
||||
|
||||
@ -50,9 +50,7 @@ To configure these settings:
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
|
||||
|
||||
@ -87,9 +85,7 @@ The main real-time protection capability is enabled by default, but you can disa
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Real-time protection**.
|
||||
|
||||
|
||||
@ -47,9 +47,7 @@ To configure these settings:
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus** and then the **Location** specified in the table below.
|
||||
|
||||
|
||||
@ -61,9 +61,7 @@ You can disable the auto-exclusions lists with Group Policy, PowerShell cmdlets,
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Exclusions**.
|
||||
|
||||
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 38 KiB After Width: | Height: | Size: 195 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 37 KiB After Width: | Height: | Size: 42 KiB |
@ -11,14 +11,14 @@ ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/17/2018
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Use next-gen technologies in Windows Defender Antivirus through cloud-delivered protection
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1703
|
||||
- Windows 10, version 1703 and later
|
||||
|
||||
**Audience**
|
||||
|
||||
@ -42,7 +42,7 @@ To understand how next-gen technologies shorten protection delivery time through
|
||||
<iframe
|
||||
src="https://videoplayercdn.osi.office.net/embed/c2f20f59-ca56-4a7b-ba23-44c60bc62c59" width="768" height="432" allowFullScreen="true" frameBorder="0" scrolling="no"></iframe>
|
||||
|
||||
Read the following blogposts for detailed protection stories involving cloud-protection and Microsoft AI:
|
||||
Read the following blog posts for detailed protection stories involving cloud-protection and Microsoft AI:
|
||||
|
||||
- [Why Windows Defender Antivirus is the most deployed in the enterprise](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise/)
|
||||
- [Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/)
|
||||
@ -54,6 +54,8 @@ Read the following blogposts for detailed protection stories involving cloud-pro
|
||||
|
||||
Cloud-delivered protection is enabled by default. However, you may need to re-enable it if it has been disabled as part of previous organizational policies.
|
||||
|
||||
Organizations running Windows 10 E5, version 1803 can also take advantage of emergency dynamic intelligence updates, which provide near real-time protection from emerging threats. When you turn cloud-delivered protection on, we can deliver a fix for a malware issue via the cloud within minutes instead of waiting for the next update.
|
||||
|
||||
>[!TIP]
|
||||
>You can also visit the Windows Defender Testground website at [demo.wd.microsoft.com](https://demo.wd.microsoft.com?ocid=cx-wddocs-testground) to confirm the feature is working and see how it works.
|
||||
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/17/2018
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Windows Defender Antivirus in Windows 10 and Windows Server 2016
|
||||
@ -49,6 +49,12 @@ Some of the highlights of Windows Defender AV include:
|
||||
>- Fast learning (including Block at first sight)
|
||||
>- Potentially unwanted application blocking
|
||||
|
||||
## What's new in Windows 10, version 1803
|
||||
|
||||
- The [Block at First Sight feature](configure-block-at-first-sight-windows-defender-antivirus.md) can now block non-portable executable files (such as JS, VBS, or macros) as well as executable files.
|
||||
- The [Virus & threat protection area in the Windows Defender Security Center](windows-defender-security-center-antivirus.md) now includes a section for Ransomware protection. It includes Controlled folder access settings and Ransomware recovery settings.
|
||||
|
||||
|
||||
## What's new in Windows 10, version 1703
|
||||
|
||||
New features for Windows Defender AV in Windows 10, version 1703 include:
|
||||
@ -60,9 +66,6 @@ We've expanded this documentation library to cover end-to-end deployment, manage
|
||||
- [Evaluation guide for Windows Defender AV](evaluate-windows-defender-antivirus.md)
|
||||
- [Deployment guide for Windows Defender AV in a virtual desktop infrastructure environment](deployment-vdi-windows-defender-antivirus.md)
|
||||
|
||||
See the [In this library](#in-this-library) list at the end of this topic for links to each of the updated sections in this library.
|
||||
|
||||
|
||||
|
||||
<a id="sysreq"></a>
|
||||
## Minimum system requirements
|
||||
|
||||
@ -76,7 +76,7 @@ Item | Windows 10, before version 1703 | Windows 10, version 1703 and later | De
|
||||
|
||||
## Common tasks
|
||||
|
||||
This section describes how to perform some of the most common tasks when reviewing or interacting with the threat protection provided by Windows Defender Antivirus in the new Windows Defender Security Center app.
|
||||
This section describes how to perform some of the most common tasks when reviewing or interacting with the threat protection provided by Windows Defender Antivirus in the Windows Defender Security Center app.
|
||||
|
||||
> [!NOTE]
|
||||
> If these settings are configured and deployed using Group Policy, the settings described in this section will be greyed-out and unavailable for use on individual endpoints. Changes made through a Group Policy Object must first be deployed to individual endpoints before the setting will be updated in Windows Settings. The [Configure end-user interaction with Windows Defender Antivirus](configure-end-user-interaction-windows-defender-antivirus.md) topic describes how local policy override settings can be configured.
|
||||
@ -87,9 +87,9 @@ This section describes how to perform some of the most common tasks when reviewi
|
||||
|
||||
2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar).
|
||||
|
||||
3. Click **Quick scan**.
|
||||
3. Click **Scan now**.
|
||||
|
||||
4. Click **Advanced scan** to specify different types of scans, such as a full scan.
|
||||
4. Click **Run a new advanced scan** to specify different types of scans, such as a full scan.
|
||||
|
||||
<a id="definition-version"></a>
|
||||
**Review the definition update version and download the latest updates in the Windows Defender Security Center app**
|
||||
@ -97,7 +97,7 @@ This section describes how to perform some of the most common tasks when reviewi
|
||||
|
||||
2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar).
|
||||
|
||||
3. Click **Protection updates**. The currently installed version is displayed along with some information about when it was downloaded. You can check this against the latest version available for manual download, or review the change log for that version.
|
||||
3. Click **Virus & threat protection updates**. The currently installed version is displayed along with some information about when it was downloaded. You can check this against the latest version available for manual download, or review the change log for that version.
|
||||
|
||||
|
||||
|
||||
@ -138,12 +138,21 @@ This section describes how to perform some of the most common tasks when reviewi
|
||||
|
||||
2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar).
|
||||
|
||||
3. Click **Scan history**.
|
||||
3. Click **Threat history**.
|
||||
|
||||
4. Click **See full history** under each of the categories (**Current threats**, **Quarantined threats**, **Allowed threats**).
|
||||
|
||||
|
||||
<a id="ransomware"></a>
|
||||
**Set ransomware protection and recovery options**
|
||||
1. Open the Windows Defender Security Center app by clicking the shield icon in the task bar or searching the start menu for **Defender**.
|
||||
|
||||
2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar).
|
||||
|
||||
3. Click **Ransomware protection**.
|
||||
|
||||
4. To change Controlled folder access settings, see [Protect important folders with Controlled folder access](https://docs.microsoft.com/en-us/windows/security/threat-protection/windows-defender-exploit-guard/controlled-folders-exploit-guard).
|
||||
|
||||
5. To set up ransomware recovery options, click **Set up** under **Ransomware data recovery** and follow the instructions for linking or setting up your OneDrive account so you can easily recover from a ransomware attack.
|
||||
|
||||
|
||||
## Related topics
|
||||
|
||||
@ -11,14 +11,14 @@ ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/01/2018
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Customize Attack surface reduction
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10 Enterprise edition, version 1709 or higher
|
||||
- Windows 10 Enterprise edition, version 1709 and later
|
||||
|
||||
|
||||
|
||||
@ -82,9 +82,7 @@ See the [Attack surface reduction](attack-surface-reduction-exploit-guard.md) to
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Windows Defender Exploit Guard > Attack surface reduction**.
|
||||
|
||||
|
||||
@ -46,7 +46,7 @@ This topic describes how to customize the following settings of the Controlled f
|
||||
- [Add apps that should be allowed to access protected folders](#allow-specifc-apps-to-make-changes-to-controlled-folders)
|
||||
|
||||
>[!WARNING]
|
||||
>Controlled folder access is a new technology that monitors apps for activities that may be malicious. Sometimes it might block a legitimate app from making legitimate changes to your files.
|
||||
>Controlled folder access monitors apps for activities that may be malicious. Sometimes it might block a legitimate app from making legitimate changes to your files.
|
||||
>
|
||||
>This may impact your organization's productivity, so you may want to consider running the feature in [audit mode](audit-windows-defender-exploit-guard.md) to fully assess the feature's impact.
|
||||
|
||||
@ -67,10 +67,8 @@ You can use the Windows Defender Security Center app or Group Policy to add and
|
||||
|
||||
1. Open the Windows Defender Security Center by clicking the shield icon in the task bar or searching the start menu for **Defender**.
|
||||
|
||||
2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label:
|
||||
2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then click **Ransomware protection**:
|
||||
|
||||
|
||||
|
||||
3. Under the **Controlled folder access** section, click **Protected folders**
|
||||
|
||||
4. Click **Add a protected folder** and follow the prompts to add apps.
|
||||
@ -134,10 +132,8 @@ When you add an app, you have to specify the app's location. Only the app in tha
|
||||
|
||||
1. Open the Windows Defender Security Center by clicking the shield icon in the task bar or searching the start menu for **Defender**.
|
||||
|
||||
2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label:
|
||||
2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then click **Ransomware protection**.
|
||||
|
||||
|
||||
|
||||
3. Under the **Controlled folder access** section, click **Allow an app through Controlled folder access**
|
||||
|
||||
4. Click **Add an allowed app** and follow the prompts to add apps.
|
||||
@ -148,9 +144,7 @@ When you add an app, you have to specify the app's location. Only the app in tha
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled folder access**.
|
||||
|
||||
|
||||
@ -127,10 +127,8 @@ Validate stack integrity (StackPivot) | Ensures that the stack has not been redi
|
||||
|
||||
1. Open the Windows Defender Security Center by clicking the shield icon in the task bar or searching the start menu for **Defender**.
|
||||
|
||||
2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then the **Exploit protection** label:
|
||||
|
||||
|
||||
|
||||
2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection**.
|
||||
|
||||
3. Under the **System settings** section, find the mitigation you want to configure and select one of the following. Apps that aren't configured individually in the **Program settings** section will use the settings configured here:
|
||||
- **On by default** - The mitigation is *enabled* for apps that don't have this mitigation set in the app-specific **Program settings** section
|
||||
- **Off by default** - The mitigation is *disabled* for apps that don't have this mitigation set in the app-specific **Program settings** section
|
||||
@ -154,11 +152,8 @@ Exporting the configuration as an XML file allows you to copy the configuration
|
||||
|
||||
1. Open the Windows Defender Security Center by clicking the shield icon in the task bar or searching the start menu for **Defender**.
|
||||
|
||||
2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then the **Exploit protection settings** at the bottom of the screen:
|
||||
2. Click the **App & browser control** tile (or the app icon on the left menu bar) and then click **Exploit protection settings** at the bottom of the screen.
|
||||
|
||||
|
||||
|
||||
|
||||
3. Go to the **Program settings** section and choose the app you want to apply mitigations to:
|
||||
|
||||
1. If the app you want to configure is already listed, click it and then click **Edit**
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/01/2018
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -20,7 +20,7 @@ ms.date: 04/01/2018
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10 Enterprise edition, version 1709 or higher
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
@ -72,9 +72,7 @@ See the [Attack surface reduction](attack-surface-reduction-exploit-guard.md) to
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Windows Defender Exploit Guard > Attack surface reduction**.
|
||||
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/17/2018
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -64,21 +64,16 @@ For further details on how audit mode works, and when you might want to use it,
|
||||
|
||||
1. Open the Windows Defender Security Center by clicking the shield icon in the task bar or searching the start menu for **Defender**.
|
||||
|
||||
2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then the **Virus & threat protection settings** label:
|
||||
2. Click the **Virus & threat protection** tile (or the shield icon on the left menu bar) and then click **Ransomware protection**.
|
||||
|
||||
|
||||
|
||||
3. Set the switch for the feature to **On**
|
||||
3. Set the switch for **Controlled folder access** to **On**.
|
||||
|
||||
|
||||
|
||||
### Use Group Policy to enable Controlled folder access
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Windows Defender Exploit Guard > Controlled folder access**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 10/16/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -20,7 +20,7 @@ ms.date: 10/16/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10 Enterprise edition, version 1709 or higher
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
@ -53,9 +53,7 @@ For background information on how audit mode works, and when you might want to u
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Policies** then **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Antivirus > Windows Defender Exploit Guard > Network protection**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/20/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -19,7 +19,7 @@ ms.date: 11/20/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10 Enterprise edition, version 1709 or higher
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/20/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Evaluate Network protection
|
||||
@ -20,7 +20,7 @@ ms.date: 11/20/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10 Enterprise edition, version 1709 or higher
|
||||
- Windows 10 Enterprise edition, version 1709 or later
|
||||
|
||||
|
||||
|
||||
|
||||
@ -164,9 +164,7 @@ You can use Group Policy to deploy the configuration you've created to multiple
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration**.
|
||||
|
||||
4. Click **Administrative templates**.
|
||||
3. In the **Group Policy Management Editor** go to **Computer configuration** and click **Administrative templates**.
|
||||
|
||||
5. Expand the tree to **Windows components > Windows Defender Exploit Guard > Exploit protection**.
|
||||
|
||||
|
||||
@ -9,9 +9,9 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 11/20/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -20,7 +20,7 @@ ms.date: 11/20/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10 Enterprise edition, version 1709 or higher
|
||||
- Windows 10, version 1709 or higher
|
||||
|
||||
|
||||
|
||||
|
||||
@ -9,16 +9,16 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
ms.date: 12/12/2017
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
# Troubleshoot Attack surface reduction rules
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10 Enterprise edition, version 1709 or higher
|
||||
- Windows 10, version 1709 or higher
|
||||
|
||||
**Audience**
|
||||
|
||||
|
||||
@ -9,8 +9,8 @@ ms.mktglfcycl: manage
|
||||
ms.sitesec: library
|
||||
ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: iaanw
|
||||
ms.author: iawilt
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 12/12/2017
|
||||
---
|
||||
|
||||
@ -18,7 +18,7 @@ ms.date: 12/12/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10 Enterprise edition, version 1709 or higher
|
||||
- Windows 10, version 1709 or higher
|
||||
|
||||
**Audience**
|
||||
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 12/12/2017
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -21,7 +21,7 @@ ms.date: 12/12/2017
|
||||
|
||||
**Applies to:**
|
||||
|
||||
- Windows 10, version 1709
|
||||
- Windows 10, version 1709 and later
|
||||
|
||||
|
||||
|
||||
@ -38,6 +38,10 @@ There are four features in Windows Defender EG:
|
||||
- [Network protection](network-protection-exploit-guard.md) extends the malware and social engineering protection offered by Windows Defender SmartScreen in Microsoft Edge to cover network traffic and connectivity on your organization's devices. Requires Windows Defender AV.
|
||||
- [Controlled folder access](controlled-folders-exploit-guard.md) helps protect files in key system folders from changes made by malicious and suspicious apps, including file-encrypting ransomware malware. Requires Windows Defender AV.
|
||||
|
||||
Windows 10, version 1803 provides additional protections:
|
||||
|
||||
- New Attack surface reduction rules
|
||||
- Controlled folder access can now block disk sectors
|
||||
|
||||
You can evaluate each feature of Windows Defender EG with the guides at the following link, which provide pre-built PowerShell scripts and testing tools so you can see the features in action:
|
||||
- [Evaluate Windows Defender Exploit Guard](evaluate-windows-defender-exploit-guard.md)
|
||||
|
||||
@ -3,9 +3,13 @@
|
||||
|
||||
## [Customize the Windows Defender Security Center app for your organization](wdsc-customize-contact-information.md)
|
||||
## [Hide Windows Defender Security Center app notifications](wdsc-hide-notifications.md)
|
||||
## [Manage Windows Defender Security Center in Windows 10 in S mode](wdsc-windows-10-in-s-mode.md)
|
||||
## [Virus and threat protection](wdsc-virus-threat-protection.md)
|
||||
## [Device performance and health](wdsc-device-performance-health.md)
|
||||
## [Account protection](wdsc-account-protection.md)
|
||||
## [Firewall and network protection](wdsc-firewall-network-protection.md)
|
||||
## [App and browser control](wdsc-app-browser-control.md)
|
||||
## [Device security](wdsc-device-security.md)
|
||||
## [Device performance and health](wdsc-device-performance-health.md)
|
||||
## [Family options](wdsc-family-options.md)
|
||||
|
||||
|
||||
|
||||
Binary file not shown.
|
Before Width: | Height: | Size: 78 KiB After Width: | Height: | Size: 239 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 208 KiB After Width: | Height: | Size: 57 KiB |
Binary file not shown.
|
Before Width: | Height: | Size: 2.2 KiB After Width: | Height: | Size: 5.3 KiB |
Binary file not shown.
|
After Width: | Height: | Size: 238 KiB |
@ -39,7 +39,7 @@ This can only be done in Group Policy.
|
||||
>[!IMPORTANT]
|
||||
>### Requirements
|
||||
>
|
||||
>You must have Windows 10, version 1709 (the Fall Creators Update). The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
>You must have Windows 10, version 1709 or later. The ADMX/ADML template files for earlier versions of Windows do not include these Group Policy settings.
|
||||
|
||||
1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and click **Edit**.
|
||||
|
||||
|
||||
@ -22,7 +22,11 @@ ms.date: 04/30/2018
|
||||
- Windows 10, version 1703 and later
|
||||
|
||||
|
||||
The **Virus & threat protection** section contains information and settings for antivirus protection from Windows Defender Antivirus and third-party AV products. In Windows 10, version 1803 and later, this section also contains information and settings for ransomware protection and recovery, including Controlled folder access settings and sign in to Microsoft OneDrive. IT administrators and IT pros can get more information and documentation about configuration from the following:
|
||||
The **Virus & threat protection** section contains information and settings for antivirus protection from Windows Defender Antivirus and third-party AV products.
|
||||
|
||||
In Windows 10, version 1803, this section also contains information and settings for ransomware protection and recovery. This includes Controlled folder access settings to prevent unknown apps from changing files in protected folders, plus Microsoft OneDrive configuration to help you recover from a ransomware attack. This area also notifies users and provides recovery instructions in the event of a ransomware attack.
|
||||
|
||||
IT administrators and IT pros can get more information and documentation about configuration from the following:
|
||||
|
||||
- [Windows Defender Antivirus in the Windows Defender Security Center app](../windows-defender-antivirus/windows-defender-security-center-antivirus.md)
|
||||
- [Windows Defender Antivirus documentation library](../windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md)
|
||||
|
||||
@ -11,7 +11,7 @@ ms.pagetype: security
|
||||
ms.localizationpriority: medium
|
||||
author: andreabichsel
|
||||
ms.author: v-anbic
|
||||
ms.date: 04/11/2018
|
||||
ms.date: 04/30/2018
|
||||
---
|
||||
|
||||
|
||||
@ -75,12 +75,15 @@ You can find more information about each section, including options for configur
|
||||
|
||||
|
||||
## Open the Windows Defender Security Center app
|
||||
- Right-click the icon in the notification area on the taskbar and click **Open**.
|
||||
- Click the icon in the notification area on the taskbar.
|
||||
|
||||
|
||||
- Search the Start menu for **Windows Defender Security Center**.
|
||||
|
||||
|
||||
- Open an area from Windows **Settings**.
|
||||
|
||||
|
||||
|
||||
|
||||
> [!NOTE]
|
||||
|
||||
@ -28,8 +28,6 @@ Starting with Windows 10, version 1703 your employees can use Windows Defender S
|
||||
**To use Windows Defender Security Center to set up Windows Defender SmartScreen on a device**
|
||||
1. Open the Windows Defender Security Center app, and then click **App & browser control**.
|
||||
|
||||
|
||||
|
||||
2. In the **App & browser control** screen, choose from the following options:
|
||||
|
||||
- In the **Check apps and files** area:
|
||||
|
||||
@ -7,7 +7,7 @@ ms.mktglfcycl: deploy
|
||||
ms.localizationpriority: high
|
||||
ms.author: sagaudre
|
||||
author: brianlic-msft
|
||||
ms.date: 10/31/2017
|
||||
ms.date: 05/01/2018
|
||||
---
|
||||
|
||||
# Windows Security Baselines
|
||||
|
||||
Reference in New Issue
Block a user