new zero day topic

windows/security/threat-protection/TOC.md

@@ -64,6 +64,7 @@
 ##### [Address security recommendations](microsoft-defender-atp/tvm-security-recommendation.md)
 ##### [Remediate vulnerabilities](microsoft-defender-atp/tvm-remediation.md)
 ##### [Exceptions for security recommendations](microsoft-defender-atp/tvm-exception.md)
+##### [Mitigate zero-day vulnerabilities](microsoft-defender-atp/tvm-zero-day-vulnerabilities.md)
 ##### [Plan for end-of-support software](microsoft-defender-atp/tvm-end-of-support-software.md)
 #### [Understand vulnerabilities on your devices]()
 ##### [Software inventory](microsoft-defender-atp/tvm-software-inventory.md)

windows/security/threat-protection/microsoft-defender-atp/tvm-zero-day-vulnerabilities.md

@@ -0,0 +1,70 @@
+---
+title: Mitigate zero-day vulnerabilities - threat and vulnerability management
+description: A report showing vulnerable device trends and current statistics. The goal is for you to understand the breath and scope of your device exposure.
+keywords: mdatp-tvm vulnerable devices, mdatp, tvm, reduce threat & vulnerability exposure, reduce threat and vulnerability, monitor security configuration
+search.product: eADQiWindows 10XVcnh
+search.appverid: met150
+ms.prod: w10
+ms.mktglfcycl: deploy
+ms.sitesec: library
+ms.pagetype: security
+ms.author: ellevin
+author: levinec
+ms.localizationpriority: medium
+manager: dansimp
+audience: ITPro
+ms.collection: 
+- m365-security-compliance 
+- m365initiative-defender-endpoint 
+ms.topic: article
+---
+
+# Mitigate zero-day vulnerabilities - threat and vulnerability management
+
+[!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)]
+
+**Applies to:**
+
+- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2146631)
+- [Threat and vulnerability management](next-gen-threat-and-vuln-mgt.md)
+
+>Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-portaloverview-abovefoldlink)
+
+A zero-day vulnerability is a publicly disclosed vulnerability for which no official patches or security updates have been released. Zero-day vulnerabilities often have high severity levels and are actively exploited.
+
+Once a zero-day vulnerability has been found, information about it will be conveyed through the following experiences in the Microsoft Defender Security Center:
+
+## Threat and vulnerability management dashboard
+
+Find recommendations with a zero-day tag in the “Top security recommendation” card.
+
+## Weaknesses page
+
+Find the named zero-day vulnerability along with a description and details.
+
+- If this vulnerability has a CVE-ID assigned, you’ll see the zero-day label next to the CVE name. 
+
+- If this vulnerability has no CVE-ID assigned, you will find it under an internal, temporary name that looks like “TVM-XXXX-XXXX”. The name will be updated once an official CVE-ID has been assigned, but the previous internal name will still be searchable and found in the side-panel.
+
+## Software inventory page
+
+Find software with the zero-day tag.
+
+## Software page
+
+Find a zero-day tag for each software that has been affected by the zero–day vulnerability.
+
+## Security recommendations page
+
+Clear suggestions regarding remediation and mitigation options, including workarounds if exist.
+
+When there is an application with associated zero-day vulnerability and additional vulnerabilities to address , you will get one recommendation regarding both.
+
+When a patch is released for the zero-day, the recommendation will be changed to “Update” and a blue label next to it that says “New security update for zero day.”
+
+![One graph of current vulnerable devices by Windows 10 version, and one graph showing vulnerable devices by Windows 10 version over time.](images/tvm-report-version.png)
+
+## Related topics
+
+- [Threat and vulnerability management overview](next-gen-threat-and-vuln-mgt.md)
+- [Security recommendations](tvm-security-recommendation.md)