From 9a70d0e9f42091d9fd96afacba78f3aa42ead559 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Thu, 21 Nov 2019 15:39:32 -0800 Subject: [PATCH 01/31] Update surface-hub-2s-prepare-environment.md --- devices/surface-hub/surface-hub-2s-prepare-environment.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devices/surface-hub/surface-hub-2s-prepare-environment.md b/devices/surface-hub/surface-hub-2s-prepare-environment.md index a1bd059ab4..fba71d0e0e 100644 --- a/devices/surface-hub/surface-hub-2s-prepare-environment.md +++ b/devices/surface-hub/surface-hub-2s-prepare-environment.md @@ -9,7 +9,7 @@ ms.author: greglin manager: laurawi audience: Admin ms.topic: article -ms.date: 06/20/2019 +ms.date: 11/21/2019 ms.localizationpriority: Medium --- @@ -45,6 +45,6 @@ If you affiliate Surface Hub 2S with on-premises Active Directory Domain Service ## Azure Active Directory -When choosing to affiliate your Surface Hub 2S with Azure AD, any user in the Global Admins Security Group can sign in to the Settings app on Surface Hub 2S. Alternatively, you can configure the Device Administrator role to sign in to the Settings app. For more information, see [Administrator role permissions in Azure Active Directory](https://docs.microsoft.com/azure/active-directory/users-groups-roles/directory-assign-admin-roles#device-administrators). Currently, no other group can be delegated to sign in to the Settings app on Surface Hub 2S. +When choosing to affiliate your Surface Hub 2S with Azure AD, any user in the Global Admins Security Group can sign in to the Settings app on Surface Hub 2S. Currently, no other group can be delegated to sign in to the Settings app on Surface Hub 2S. If you enabled Intune Automatic Enrollment for your organization, Surface Hub 2S will automatically enroll itself with Intune. The device’s Bitlocker key is automatically saved in Azure AD. When affiliating Surface Hub 2S with Azure AD, single sign-on and Easy Authentication will not work. From 3923ff02a5ec5e8d9148b59c1bfd0db55e153a31 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 22 Nov 2019 09:52:40 -0800 Subject: [PATCH 02/31] SCCM updates for naming --- devices/surface/TOC.md | 2 +- ...ce-and-system-center-configuration-manager.md | 16 ++++++++-------- ...ration-manager-to-manage-devices-with-semm.md | 14 +++++++------- 3 files changed, 16 insertions(+), 16 deletions(-) diff --git a/devices/surface/TOC.md b/devices/surface/TOC.md index a10cc065ed..bc26815d56 100644 --- a/devices/surface/TOC.md +++ b/devices/surface/TOC.md @@ -17,7 +17,7 @@ ### [Surface device compatibility with Windows 10 Long-Term Servicing Branch](surface-device-compatibility-with-windows-10-ltsc.md) ### [Long-Term Servicing Branch for Surface devices](ltsb-for-surface.md) ### [Wake On LAN for Surface devices](wake-on-lan-for-surface-devices.md) -### [Considerations for Surface and System Center Configuration Manager](considerations-for-surface-and-system-center-configuration-manager.md) +### [Considerations for Surface and Endpoint Configuration Manager](considerations-for-surface-and-system-center-configuration-manager.md) ### [Deploy Surface app with Microsoft Store for Business](deploy-surface-app-with-windows-store-for-business.md) ### [Enable PEAP, EAP-FAST, and Cisco LEAP on Surface devices](enable-peap-eap-fast-and-cisco-leap-on-surface-devices.md) ### [Ethernet adapters and Surface deployment](ethernet-adapters-and-surface-device-deployment.md) diff --git a/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md b/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md index cf84fec23c..e7658bba69 100644 --- a/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md +++ b/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md @@ -1,5 +1,5 @@ --- -title: Considerations for Surface and System Center Configuration Manager (Surface) +title: Considerations for Surface and Microsoft Endpoint Configuration Manager description: The management and deployment of Surface devices with Configuration Manager is fundamentally the same as any other PC; this article describes scenarios that may require additional considerations. keywords: manage, deployment, updates, driver, firmware ms.prod: w10 @@ -11,25 +11,25 @@ ms.author: dansimp ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 10/24/2019 +ms.date: 11/22/2019 ms.reviewer: manager: dansimp --- -# Considerations for Surface and System Center Configuration Manager +# Considerations for Surface and Microsoft Endpoint Configuration Manager -Fundamentally, management and deployment of Surface devices with System Center Configuration Manager (SCCM) is the same as the management and deployment of any other PC. Like other PCs, a deployment to Surface devices includes importing drivers, importing a Windows image, preparing a deployment task sequence, and then deploying the task sequence to a collection. After deployment, Surface devices are like any other Windows client – to publish apps, settings, and policies, you use the same process that you would use for any other device. +Fundamentally, management and deployment of Surface devices with Endpoint Configuration Manager (formerly known as System Center Configuration Manager or SCCM) is the same as the management and deployment of any other PC. Like other PCs, a deployment to Surface devices includes importing drivers, importing a Windows image, preparing a deployment task sequence, and then deploying the task sequence to a collection. After deployment, Surface devices are like any other Windows client – to publish apps, settings, and policies, you use the same process that you would use for any other device. -You can find more information about how to use Configuration Manager to deploy and manage devices in the [Documentation for System Center Configuration Manager](https://docs.microsoft.com/sccm/index). +You can find more information about how to use Configuration Manager to deploy and manage devices in the [Documentation for Endpoint Configuration Manager](https://docs.microsoft.com/sccm/index). Although the deployment and management of Surface devices is fundamentally the same as any other PC, there are some scenarios that may require additional considerations or steps. This article provides descriptions and guidance for these scenarios; the solutions documented in this article may apply to other devices and manufacturers as well. >[!NOTE] ->For management of Surface devices it is recommended that you use the Current Branch of System Center Configuration Manager. +>For management of Surface devices it is recommended that you use the Current Branch of Endpoint Configuration Manager. ## Support for Surface Pro X -Beginning in version 1802, SCCM includes client management support for Surface Pro X. Note however that running the SCCM agent on Surface Pro X may accelerate battery consumption. In addition, SCCM operating system deployment is not supported on Surface Pro X. For more information, refer to: -- [What's new in version 1802 of System Center Configuration Manager](https://docs.microsoft.com/sccm/core/plan-design/changes/whats-new-in-version-1802) +Beginning in version 1802, Endpoint Configuration Manager includes client management support for Surface Pro X. Note however that running the Endpoint Configuration Manager agent on Surface Pro X may accelerate battery consumption. In addition, operating system deployment using Endpoint Configuration Manager is not supported on Surface Pro X. For more information, refer to: +- [What's new in version 1802 of System Center Configuration Manager](https://docs.microsoft.com/Endpoint Configuration Manager/core/plan-design/changes/whats-new-in-version-1802) - [Deploying, managing, and servicing Surface Pro X](surface-pro-arm-app-management.md) ## Updating Surface device drivers and firmware diff --git a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md index 6c29966521..85b5bfa7d1 100644 --- a/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md +++ b/devices/surface/use-system-center-configuration-manager-to-manage-devices-with-semm.md @@ -1,6 +1,6 @@ --- -title: Use System Center Configuration Manager to manage devices with SEMM (Surface) -description: Find out how to use Microsoft Surface UEFI Manager to perform SEMM management with System Center Configuration Manager. +title: Use Microsoft Endpoint Configuration Manager to manage devices with SEMM (Surface) +description: Learn how to manage SEMM with Endpoint Configuration Manager. keywords: enroll, update, scripts, settings ms.prod: w10 ms.mktglfcycl: manage @@ -9,21 +9,21 @@ ms.sitesec: library author: dansimp ms.author: dansimp ms.topic: article -ms.date: 10/31/2019 +ms.date: 11/22/2019 ms.reviewer: manager: dansimp ms.localizationpriority: medium ms.audience: itpro --- -# Use System Center Configuration Manager to manage devices with SEMM +# Use Microsoft Endpoint Configuration Manager to manage devices with SEMM The Surface Enterprise Management Mode (SEMM) feature of Surface UEFI devices allows administrators to both manage and secure the configuration of Surface UEFI settings. For most organizations, this process is accomplished by creating Windows Installer (.msi) packages with the Microsoft Surface UEFI Configurator tool. These packages are then run or deployed to the client Surface devices to enroll the devices in SEMM and to update the Surface UEFI settings configuration. -For organizations with System Center Configuration Manager, there is an alternative to using the Microsoft Surface UEFI Configurator .msi process to deploy and administer SEMM. Microsoft Surface UEFI Manager is a lightweight installer that makes required assemblies for SEMM management available on a device. By installing these assemblies with Microsoft Surface UEFI Manager on a managed client, SEMM can be administered by Configuration Manager with PowerShell scripts, deployed as applications. With this process, SEMM management is performed within Configuration Manager, which eliminates the need for the external Microsoft Surface UEFI Configurator tool. +For organizations with Endpoint Configuration Manager, (formerly known as System Center Configuration Manager or SCCM) there is an alternative to using the Microsoft Surface UEFI Configurator .msi process to deploy and administer SEMM. Microsoft Surface UEFI Manager is a lightweight installer that makes required assemblies for SEMM management available on a device. By installing these assemblies with Microsoft Surface UEFI Manager on a managed client, SEMM can be administered by Configuration Manager with PowerShell scripts, deployed as applications. With this process, SEMM management is performed within Configuration Manager, which eliminates the need for the external Microsoft Surface UEFI Configurator tool. >[!Note] ->Although the process described in this article may work with earlier versions of System Center Configuration Manager or with other third-party management solutions, management of SEMM with Microsoft Surface UEFI Manager and PowerShell is supported only with the Current Branch of System Center Configuration Manager. +>Although the process described in this article may work with earlier versions of Endpoint Configuration Manager or with other third-party management solutions, management of SEMM with Microsoft Surface UEFI Manager and PowerShell is supported only with the Current Branch of Endpoint Configuration Manager. #### Prerequisites @@ -278,7 +278,7 @@ To identify enrolled systems for Configuration Manager, the ConfigureSEMM.ps1 sc The following code fragment, found on lines 380-477, is used to write these registry keys: ``` -380 # For SCCM or other management solutions that wish to know what version is applied, tattoo the LSV and current DateTime (in UTC) to the registry: +380 # For Endpoint Configuration Manager or other management solutions that wish to know what version is applied, tattoo the LSV and current DateTime (in UTC) to the registry: 381 $UTCDate = (Get-Date).ToUniversalTime().ToString() 382 $certIssuer = $certPrint.Issuer 383 $certSubject = $certPrint.Subject From 13b495e9df01393c6405edb34bd6df9e6c7589e5 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 22 Nov 2019 09:59:45 -0800 Subject: [PATCH 03/31] Update surface-hub-2s-techspecs.md --- devices/surface-hub/surface-hub-2s-techspecs.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/surface-hub/surface-hub-2s-techspecs.md b/devices/surface-hub/surface-hub-2s-techspecs.md index 60718ec709..4e40f9ae25 100644 --- a/devices/surface-hub/surface-hub-2s-techspecs.md +++ b/devices/surface-hub/surface-hub-2s-techspecs.md @@ -41,5 +41,5 @@ ms.localizationpriority: Medium |**Input Power, standby**| 5 W max | > [!NOTE] -> 1 System software uses significant storage space. Available storage is subject to change based on system software updates and apps usage. 1 GB= 1 billion bytes. See Surface.com/Storage for more details.
2 Doppler sensor not available in Hong Kong due to local federal government restrictions. +> 1 System software uses significant storage space. Available storage is subject to change based on system software updates and apps usage. 1 GB= 1 billion bytes. See Surface.com/Storage for more details.
2 Doppler sensor not available in Hong Kong, India, Kuwait, and Oman due to government regulations.
3 Software license required for some features. Sold separately.
From 2201d86399a83afa8288c4136265eb9e2cb58616 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 22 Nov 2019 12:31:23 -0800 Subject: [PATCH 04/31] Updates for naming and links --- devices/surface-hub/index.md | 5 +++-- devices/surface-hub/surface-hub-2s-adoption-videos.md | 4 ++-- devices/surface/get-started.md | 2 +- .../surface/manage-surface-driver-and-firmware-updates.md | 2 +- 4 files changed, 7 insertions(+), 6 deletions(-) diff --git a/devices/surface-hub/index.md b/devices/surface-hub/index.md index 61a9b33c78..f60588a000 100644 --- a/devices/surface-hub/index.md +++ b/devices/surface-hub/index.md @@ -122,7 +122,7 @@ Surface Hub 2S is an all-in-one digital interactive whiteboard, meetings platfor
-

Support

+

Troubleshoot

Service and warranty

Recover & reset Surface Hub 2S

Surface Hub support solutions

@@ -156,7 +156,8 @@ Surface Hub 2S is an all-in-one digital interactive whiteboard, meetings platfor
-

Surface Hub 2s Videos

+

Surface Hub 2S Videos

+

Adoption and training videos

What is Surface Hub 2S?

Surface Hub 2S with Teams

Surface Hub 2S with Microsoft 365

diff --git a/devices/surface-hub/surface-hub-2s-adoption-videos.md b/devices/surface-hub/surface-hub-2s-adoption-videos.md index 5e0419624f..e726878ece 100644 --- a/devices/surface-hub/surface-hub-2s-adoption-videos.md +++ b/devices/surface-hub/surface-hub-2s-adoption-videos.md @@ -1,5 +1,5 @@ --- -title: "Surface Hub 2S on-demand adoption and training videos" +title: "Surface Hub 2S adoption and training videos" description: "This page contains on-demand training for Surface Hub 2S." keywords: separate values with commas ms.prod: surface-hub @@ -13,7 +13,7 @@ ms.date: 11/04/2019 ms.localizationpriority: Medium --- -# Surface Hub 2S on-demand adoption and training videos +# Surface Hub 2S adoption and training videos This page contains comprehensive training for Surface Hub 2S, available on demand. diff --git a/devices/surface/get-started.md b/devices/surface/get-started.md index ff37d7a72e..af2bc13af9 100644 --- a/devices/surface/get-started.md +++ b/devices/surface/get-started.md @@ -28,7 +28,7 @@ Harness the power of Surface, Windows, and Office connected together through the

Plan

-

Surface and SCCM considerations

+

Surface and Endpoint Configuration Manager considerations

Wake On LAN for Surface devices

diff --git a/devices/surface/manage-surface-driver-and-firmware-updates.md b/devices/surface/manage-surface-driver-and-firmware-updates.md index efdf20be4d..7f470ab3ac 100644 --- a/devices/surface/manage-surface-driver-and-firmware-updates.md +++ b/devices/surface/manage-surface-driver-and-firmware-updates.md @@ -41,7 +41,7 @@ For details about Group Policy for client configuration of WSUS or Windows Updat Surface driver and firmware updates are packaged as Windows Installer (MSI) files. To deploy these Windows Installer packages, you can use application deployment utilities such as the Microsoft Deployment Toolkit (MDT) or System Center Configuration Manager. Such solutions provide the means for administrators to test and review updates before deploying them, and to centralize deployment. For each device, it is important to select the correct MSI file for the device and its operating system. For more information see [Deploy the latest firmware and drivers for Surface devices](deploy-the-latest-firmware-and-drivers-for-surface-devices.md). -For instructions on how to deploy updates by using System Center Configuration Manager, refer to [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications). For instructions on how to deploy updates by using MDT, see [Deploy a Windows 10 image using MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt). +For instructions on how to deploy updates by using Endpoint Configuration Manager (formerly System Center Configuration Manager), refer to [Deploy applications with Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/deploy-applications). For instructions on how to deploy updates by using MDT, see [Deploy a Windows 10 image using MDT](https://docs.microsoft.com/windows/deployment/deploy-windows-mdt/deploy-a-windows-10-image-using-mdt). > [!NOTE] > You can deploy applications separately from an operating system deployment through MDT by using a Post OS Installation task sequence. From b75869a06d9d5b84359e26cc1ecdf85677bf7d25 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Fri, 22 Nov 2019 15:10:06 -0800 Subject: [PATCH 05/31] Update surface-hub-2s-adoption-videos.md --- .../surface-hub-2s-adoption-videos.md | 20 +++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/devices/surface-hub/surface-hub-2s-adoption-videos.md b/devices/surface-hub/surface-hub-2s-adoption-videos.md index e726878ece..185a8db078 100644 --- a/devices/surface-hub/surface-hub-2s-adoption-videos.md +++ b/devices/surface-hub/surface-hub-2s-adoption-videos.md @@ -19,7 +19,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 1 - Training overview -> ![VIDEO ]
+> [!VIDEO ]
- Welcome and introduction - Training overview and agenda @@ -31,7 +31,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 2 - Getting started with Surface Hub -> ![VIDEO ]
+> [!VIDEO ]
- What is Surface Hub? - Technical overview @@ -42,7 +42,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 3 - Navigating Surface Hub -> ![VIDEO ]
+> [!VIDEO ]
- Welcome screen - Start menu @@ -54,7 +54,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 4 - Whiteboarding and collaboration -> ![VIDEO ]
+> [!VIDEO ]
- Whiteboard introduction - Starting the Whiteboard @@ -66,7 +66,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 5 - Exploring Surface Hub apps -> ![VIDEO ]
+> [!VIDEO ]
- Surface Hub apps introduction - PowerPoint overview @@ -76,7 +76,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 6 - Advanced apps and Office 365 -> ![VIDEO ]
+> [!VIDEO ]
- Advanced apps introduction - Microsoft Maps @@ -88,7 +88,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 7 - Connecting devices -> ![VIDEO ]
+> [!VIDEO ]
- Connect introduction - Miracast overview @@ -99,7 +99,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 8 - Skype for Business meetings -> ![VIDEO ]
+> [!VIDEO ]
- Introduction to Skype for Business -Scheduling Skype for Business meetings @@ -111,7 +111,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 9 - Microsoft Teams meetings -> ![VIDEO ]
+> [!VIDEO ]
- Introduction to Microsoft Teams - Scheduling Microsoft Teams meetings @@ -124,7 +124,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 10 - Basic troubleshooting -> ![VIDEO ]
+> [!VIDEO ]
- Introduction to Surface Hub troubleshooting - Application troubleshooting From 053db1feb5ab8099e6985549ef0ed46180d689cf Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Mon, 25 Nov 2019 09:35:04 -0800 Subject: [PATCH 06/31] Update surface-hub-2s-adoption-videos.md --- .../surface-hub-2s-adoption-videos.md | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/devices/surface-hub/surface-hub-2s-adoption-videos.md b/devices/surface-hub/surface-hub-2s-adoption-videos.md index 185a8db078..5e0419624f 100644 --- a/devices/surface-hub/surface-hub-2s-adoption-videos.md +++ b/devices/surface-hub/surface-hub-2s-adoption-videos.md @@ -1,5 +1,5 @@ --- -title: "Surface Hub 2S adoption and training videos" +title: "Surface Hub 2S on-demand adoption and training videos" description: "This page contains on-demand training for Surface Hub 2S." keywords: separate values with commas ms.prod: surface-hub @@ -13,13 +13,13 @@ ms.date: 11/04/2019 ms.localizationpriority: Medium --- -# Surface Hub 2S adoption and training videos +# Surface Hub 2S on-demand adoption and training videos This page contains comprehensive training for Surface Hub 2S, available on demand. ## Chapter 1 - Training overview -> [!VIDEO ]
+> ![VIDEO ]
- Welcome and introduction - Training overview and agenda @@ -31,7 +31,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 2 - Getting started with Surface Hub -> [!VIDEO ]
+> ![VIDEO ]
- What is Surface Hub? - Technical overview @@ -42,7 +42,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 3 - Navigating Surface Hub -> [!VIDEO ]
+> ![VIDEO ]
- Welcome screen - Start menu @@ -54,7 +54,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 4 - Whiteboarding and collaboration -> [!VIDEO ]
+> ![VIDEO ]
- Whiteboard introduction - Starting the Whiteboard @@ -66,7 +66,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 5 - Exploring Surface Hub apps -> [!VIDEO ]
+> ![VIDEO ]
- Surface Hub apps introduction - PowerPoint overview @@ -76,7 +76,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 6 - Advanced apps and Office 365 -> [!VIDEO ]
+> ![VIDEO ]
- Advanced apps introduction - Microsoft Maps @@ -88,7 +88,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 7 - Connecting devices -> [!VIDEO ]
+> ![VIDEO ]
- Connect introduction - Miracast overview @@ -99,7 +99,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 8 - Skype for Business meetings -> [!VIDEO ]
+> ![VIDEO ]
- Introduction to Skype for Business -Scheduling Skype for Business meetings @@ -111,7 +111,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 9 - Microsoft Teams meetings -> [!VIDEO ]
+> ![VIDEO ]
- Introduction to Microsoft Teams - Scheduling Microsoft Teams meetings @@ -124,7 +124,7 @@ This page contains comprehensive training for Surface Hub 2S, available on deman ## Chapter 10 - Basic troubleshooting -> [!VIDEO ]
+> ![VIDEO ]
- Introduction to Surface Hub troubleshooting - Application troubleshooting From e962cae648161d329cf3ae6dac9c43cd0c42cd9e Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Mon, 25 Nov 2019 12:14:51 -0800 Subject: [PATCH 07/31] Update considerations-for-surface-and-system-center-configuration-manager.md --- ...and-system-center-configuration-manager.md | 24 +++++++++---------- 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md b/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md index e7658bba69..351b6d2449 100644 --- a/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md +++ b/devices/surface/considerations-for-surface-and-system-center-configuration-manager.md @@ -11,7 +11,7 @@ ms.author: dansimp ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 11/22/2019 +ms.date: 11/25/2019 ms.reviewer: manager: dansimp --- @@ -20,7 +20,7 @@ manager: dansimp Fundamentally, management and deployment of Surface devices with Endpoint Configuration Manager (formerly known as System Center Configuration Manager or SCCM) is the same as the management and deployment of any other PC. Like other PCs, a deployment to Surface devices includes importing drivers, importing a Windows image, preparing a deployment task sequence, and then deploying the task sequence to a collection. After deployment, Surface devices are like any other Windows client – to publish apps, settings, and policies, you use the same process that you would use for any other device. -You can find more information about how to use Configuration Manager to deploy and manage devices in the [Documentation for Endpoint Configuration Manager](https://docs.microsoft.com/sccm/index). +You can find more information about how to use Configuration Manager to deploy and manage devices in the [Microsoft Endpoint Configuration Manager documentation](https://docs.microsoft.com/sccm/index). Although the deployment and management of Surface devices is fundamentally the same as any other PC, there are some scenarios that may require additional considerations or steps. This article provides descriptions and guidance for these scenarios; the solutions documented in this article may apply to other devices and manufacturers as well. @@ -29,14 +29,14 @@ Although the deployment and management of Surface devices is fundamentally the s ## Support for Surface Pro X Beginning in version 1802, Endpoint Configuration Manager includes client management support for Surface Pro X. Note however that running the Endpoint Configuration Manager agent on Surface Pro X may accelerate battery consumption. In addition, operating system deployment using Endpoint Configuration Manager is not supported on Surface Pro X. For more information, refer to: -- [What's new in version 1802 of System Center Configuration Manager](https://docs.microsoft.com/Endpoint Configuration Manager/core/plan-design/changes/whats-new-in-version-1802) +- [What's new in version 1802 of System Center Configuration Manager](https://docs.microsoft.com/configmgr/core/plan-design/changes/whats-new-in-version-1802) - [Deploying, managing, and servicing Surface Pro X](surface-pro-arm-app-management.md) ## Updating Surface device drivers and firmware For devices that receive updates through Windows Update, drivers for Surface components – and even firmware updates – are applied automatically as part of the Windows Update process. For devices with managed updates, such as those updated through Windows Server Update Services (WSUS), the option to install drivers and firmware through Windows Update is not available. For these managed devices, the recommended driver management process is the deployment of driver and firmware updates using the Windows Installer (.msi) files, which are provided through the Microsoft Download Center. You can find a list of these downloads at [Download the latest firmware and drivers for Surface devices](https://technet.microsoft.com/itpro/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices). -As .msi files, deployment of driver and firmware updates is performed in the same manner as deployment of an application. Instead of installing an application as would normally happen when an .msi file is run, the Surface driver and firmware .msi will apply the driver and firmware updates to the device. The single .msi file contains the driver and firmware updates required by each component of the Surface device. The updates for firmware are applied the next time the device reboots. You can read more about the .msi installation method for Surface drivers and firmware in [Manage Surface driver and firmware updates](https://technet.microsoft.com/itpro/surface/manage-surface-pro-3-firmware-updates). For more information about how to deploy applications with Configuration Manager, see [Packages and programs in System Center Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/packages-and-programs). +As .msi files, deployment of driver and firmware updates is performed in the same manner as deployment of an application. Instead of installing an application as would normally happen when an .msi file is run, the Surface driver and firmware .msi will apply the driver and firmware updates to the device. The single .msi file contains the driver and firmware updates required by each component of the Surface device. The updates for firmware are applied the next time the device reboots. You can read more about the .msi installation method for Surface drivers and firmware in [Manage Surface driver and firmware updates](https://technet.microsoft.com/itpro/surface/manage-surface-pro-3-firmware-updates). For more information about how to deploy applications with Configuration Manager, see [Packages and programs in Configuration Manager](https://docs.microsoft.com/sccm/apps/deploy-use/packages-and-programs). >[!NOTE] >Surface device drivers and firmware are signed with SHA-256, which is not natively supported by Windows Server 2008 R2. A workaround is available for Configuration Manager environments running on Windows Server 2008 R2 – for more information see [Can't import drivers into System Center Configuration Manager (KB3025419)](https://support.microsoft.com/kb/3025419). @@ -47,25 +47,25 @@ The default mechanism that Configuration Manager uses to identify devices during To ensure that Surface devices using the same Ethernet adapter are identified as unique devices during deployment, you can instruct Configuration Manager to identify devices using another method. This other method could be the MAC address of the wireless network adapter or the System Universal Unique Identifier (System UUID). You can specify that Configuration Manager use other identification methods with the following options: -* Add an exclusion for the MAC addresses of Surface Ethernet adapters, which forces Configuration Manager to overlook the MAC address in preference of the System UUID, as documented in the [Reusing the same NIC for multiple PXE initiated deployments in System Center Configuration Manager OSD](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2015/08/27/reusing-the-same-nic-for-multiple-pxe-initiated-deployments-in-system-center-configuration-manger-osd/) blog post. +* Add an exclusion for the MAC addresses of Surface Ethernet adapters, which forces Configuration Manager to overlook the MAC address in preference of the System UUID, as documented in [Reusing the same NIC for multiple PXE initiated deployments in System Center Configuration Manager OSD](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2015/08/27/reusing-the-same-nic-for-multiple-pxe-initiated-deployments-in-system-center-configuration-manger-osd/). -* Prestage devices by System UUID as documented in the [Reusing the same NIC for multiple PXE initiated deployments in System Center Configuration Manager OSD](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2015/08/27/reusing-the-same-nic-for-multiple-pxe-initiated-deployments-in-system-center-configuration-manger-osd/) blog post. +* Prestage devices by System UUID as documented in [Reusing the same NIC for multiple PXE initiated deployments in System Center Configuration Manager OSD](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2015/08/27/reusing-the-same-nic-for-multiple-pxe-initiated-deployments-in-system-center-configuration-manger-osd/). -* Use a script to identify a newly deployed Surface device by the MAC address of its wireless adapter, as documented in the [How to Use The Same External Ethernet Adapter For Multiple SCCM OSD](https://blogs.technet.microsoft.com/askpfeplat/2014/07/27/how-to-use-the-same-external-ethernet-adapter-for-multiple-sccm-osd/) blog post. +* Use a script to identify a newly deployed Surface device by the MAC address of its wireless adapter, as documented in [How to Use The Same External Ethernet Adapter For Multiple SCCM OSD](https://blogs.technet.microsoft.com/askpfeplat/2014/07/27/how-to-use-the-same-external-ethernet-adapter-for-multiple-sccm-osd/). Another consideration for the Surface Ethernet adapter during deployments with Configuration Manager is the driver for the Ethernet controller. Beginning in Windows 10, version 1511, the driver for the Surface Ethernet adapter is included by default in Windows. For organizations that want to deploy the latest version of Windows 10 and use the latest version of WinPE, use of the Surface Ethernet adapter requires no additional actions. -For versions of Windows prior to Windows 10, version 1511 (including Windows 10 RTM and Windows 8.1), you may still need to install the Surface Ethernet adapter driver and include the driver in your WinPE boot media. With its inclusion in Windows 10, the driver is no longer available for download from the Microsoft Download Center. To download the Surface Ethernet adapter driver, download it from the Microsoft Update Catalog as documented in the [Surface Ethernet Drivers](https://blogs.technet.microsoft.com/askcore/2016/08/18/surface-ethernet-drivers/) blog post from the Ask The Core Team blog. +For versions of Windows prior to Windows 10, version 1511 (including Windows 10 RTM and Windows 8.1), you may still need to install the Surface Ethernet adapter driver and include the driver in your WinPE boot media. With its inclusion in Windows 10, the driver is no longer available for download from the Microsoft Download Center. To download the Surface Ethernet adapter driver, refer to [Surface Ethernet Drivers](https://blogs.technet.microsoft.com/askcore/2016/08/18/surface-ethernet-drivers/). ## Deploy Surface app with Configuration Manager -With the release of Microsoft Store for Business, Surface app is no longer available as a driver and firmware download. Organizations that want to deploy Surface app to managed Surface devices or during deployment with the use of Configuration Manager, must acquire Surface app through Microsoft Store for Business and then deploy Surface app with PowerShell. You can find the PowerShell commands for deployment of Surface app, instructions to download Surface app, and prerequisite frameworks from Microsoft Store for Business in the [Deploy Surface app with Microsoft Store for Business](https://technet.microsoft.com/itpro/surface/deploy-surface-app-with-windows-store-for-business) article in the TechNet Library. +With the release of Microsoft Store for Business, Surface app is no longer available as a driver and firmware download. Organizations that want to deploy Surface app to managed Surface devices or during deployment with the use of Configuration Manager, must acquire Surface app through Microsoft Store for Business and then deploy Surface app with PowerShell. For more information including PowerShell commands for deploying Surface app, refer to [Deploy Surface app with Microsoft Store for Business](https://technet.microsoft.com/itpro/surface/deploy-surface-app-with-windows-store-for-business). ## Use prestaged media with Surface clients If your organization uses prestaged media to pre-load deployment resources on to machines prior to deployment with Configuration Manager, the nature of Surface devices as UEFI devices may require you to take additional steps. Specifically, a native UEFI environment requires that you create multiple partitions on the boot disk of the system. If you are following along with the [documentation for prestaged media](https://technet.microsoft.com/library/79465d90-4831-4872-96c2-2062d80f5583?f=255&MSPPError=-2147217396#BKMK_CreatePrestagedMedia), the instructions provide for only single partition boot disks and therefore will fail when applied to Surface devices. -Instructions for applying prestaged media to UEFI devices, such as Surface devices, can be found in the [How to apply Task Sequence Prestaged Media on multi-partitioned disks for BIOS or UEFI PCs in System Center Configuration Manager](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2014/04/02/how-to-apply-task-sequence-prestaged-media-on-multi-partitioned-disks-for-bios-or-uefi-pcs-in-system-center-configuration-manager/) blog post. +To apply prestaged media to UEFI devices, such as Surface devices, refer to [How to apply Task Sequence Prestaged Media on multi-partitioned disks for BIOS or UEFI PCs in System Center Configuration Manager](https://blogs.technet.microsoft.com/system_center_configuration_manager_operating_system_deployment_support_blog/2014/04/02/how-to-apply-task-sequence-prestaged-media-on-multi-partitioned-disks-for-bios-or-uefi-pcs-in-system-center-configuration-manager/). ## Licensing conflicts with OEM Activation 3.0 @@ -77,9 +77,9 @@ However, issues may arise when organizations intend to use versions of Windows t ## Apply an asset tag during deployment -Surface Studio, Surface Book, Surface Pro 4, Surface Pro 3, and Surface 3 devices all support the application of an asset tag in UEFI. This asset tag can be used to identify the device from UEFI even if the operating system fails, and it can also be queried from within the operating system. To read more about the Surface Asset Tag function, see the [Asset Tag Tool for Surface Pro 3](https://blogs.technet.microsoft.com/askcore/2014/10/20/asset-tag-tool-for-surface-pro-3/) blog post. +Surface Studio, Surface Book, Surface Pro 4, Surface Pro 3, and Surface 3 devices all support the application of an asset tag in UEFI. This asset tag can be used to identify the device from UEFI even if the operating system fails, and it can also be queried from within the operating system. For more information, refer to [Surface Asset Tag Tool](assettag.md). -To apply an asset tag using the [Surface Asset Tag CLI Utility](https://www.microsoft.com/download/details.aspx?id=44076) during a Configuration Manager deployment task sequence, use the script and instructions found in the [Set Surface Asset Tag During a Configuration Manager Task Sequence](https://blogs.technet.microsoft.com/jchalfant/set-surface-pro-3-asset-tag-during-a-configuration-manager-task-sequence/) blog post. +To apply an asset tag using the [Surface Asset Tag CLI Utility](https://www.microsoft.com/download/details.aspx?id=44076) during a Configuration Manager deployment task sequence, use the script and instructions in [Set Surface Asset Tag During a Configuration Manager Task Sequence](https://blogs.technet.microsoft.com/jchalfant/set-surface-pro-3-asset-tag-during-a-configuration-manager-task-sequence/). ## Configure push-button reset From 33a0bffecc2618914b760a82e1ca65716039efc6 Mon Sep 17 00:00:00 2001 From: lomayor Date: Mon, 25 Nov 2019 12:53:50 -0800 Subject: [PATCH 08/31] Add custom detections frequency info --- .../custom-detection-rules.md | 28 +++++++++++++------ .../overview-custom-detections.md | 2 +- 2 files changed, 21 insertions(+), 9 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md index e8692e242a..c13f763721 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md +++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md @@ -23,7 +23,7 @@ ms.topic: article **Applies to:** - [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) -Custom detection rules built from [Advanced hunting](advanced-hunting-overview.md) queries let you proactively monitor various events and system states, including suspected breach activity and misconfigured machines. The queries run every 24 hours, generating alerts and taking response actions whenever there are matches. +Custom detection rules built from [Advanced hunting](advanced-hunting-overview.md) queries let you proactively monitor various events and system states, including suspected breach activity and misconfigured machines. You can set them to run at regular intervals, generating alerts and taking response actions whenever there are matches. > [!NOTE] > To create and manage custom detections, [your role](user-roles.md#create-roles-and-assign-the-role-to-an-azure-active-directory-group) needs to have the **manage security settings** permission. @@ -52,13 +52,25 @@ MiscEvents With the query in the query editor, select **Create detection rule** and specify the following alert details: -- **Alert title** -- **Severity** -- **Category** -- **Description** -- **Recommended actions** +- **Detection name** — name of the detection rule +- **Frequency** — interval for running the query and taking action. [See additional guidance below](#rule-frequency) +- **Alert title** — title displayed with alerts triggered by the rule +- **Severity** — potential risk of the component or activity identified by the rule. [Read about alert severities](alerts-queue.md#severity) +- **Category** — type of threat component or activity, if any. [Read about alert categories](alerts-queue.md#understanding-alert-categories) +- **Description** — more information about the component or activity identified by the rule +- **Recommended actions** — additional actions that responders might take in response to an alert -For more information about these alert details, [read about managing alerts](manage-alerts.md). +For more information about how alert details are displayed, [read about the alert queue](alerts-queue.md). + +#### Rule frequency +When saved, custom detections rules immediately run. They then run again at fixed intervals based on the frequency you choose. Rules that run less frequently will have longer lookback durations: + +- **Every 24 hours** — checks data from the past 30 days +- **Every 12 hours** — checks data from the past 24 hours +- **Every 3 hours** — checks data from the past 6 hours +- **Every hour** — checks data from the past 2 hours + +Whenever a rule runs, similar detections on the same machine could be aggregated into fewer alerts, so running a rule less frequently can generate fewer alerts. Select the frequency that matches how closely you want to monitor detections, and consider your organization's capacity to respond to the alerts. ### 3. Specify actions on files or machines. Your custom detection rule can automatically take actions on files or machines that are returned by the query. @@ -115,4 +127,4 @@ You can also take the following actions on the rule from this page: ## Related topic - [Custom detections overview](overview-custom-detections.md) - [Advanced hunting overview](advanced-hunting-overview.md) -- [Learn the Advanced hunting query language](advanced-hunting-query-language.md) +- [Learn the Advanced hunting query language](advanced-hunting-query-language.md) \ No newline at end of file diff --git a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md index 13b9cef73c..03e0f5ca62 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md +++ b/windows/security/threat-protection/microsoft-defender-atp/overview-custom-detections.md @@ -25,7 +25,7 @@ ms.topic: conceptual With custom detections, you can proactively monitor for and respond to various events and system states, including suspected breach activity and misconfigured machines. This is made possible by customizable detection rules that automatically trigger alerts as well as response actions. -Custom detections work with [Advanced hunting](advanced-hunting-overview.md), which provides a powerful, flexible query language that covers a broad set of event and system information from your network. The queries run every 24 hours, generating alerts and taking response actions whenever there are matches. +Custom detections work with [Advanced hunting](advanced-hunting-overview.md), which provides a powerful, flexible query language that covers a broad set of event and system information from your network. You can set them to run at regular intervals, generating alerts and taking response actions whenever there are matches. Custom detections provide: - Alerts for rule-based detections built from Advanced hunting queries From 8e66f14dd07a074fd61bac828ae0c9ac47a4c34e Mon Sep 17 00:00:00 2001 From: lomayor Date: Mon, 25 Nov 2019 13:08:17 -0800 Subject: [PATCH 09/31] Update custom-detection-rules.md --- .../microsoft-defender-atp/custom-detection-rules.md | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md index c13f763721..36b9e4ffde 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md +++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md @@ -127,4 +127,5 @@ You can also take the following actions on the rule from this page: ## Related topic - [Custom detections overview](overview-custom-detections.md) - [Advanced hunting overview](advanced-hunting-overview.md) -- [Learn the Advanced hunting query language](advanced-hunting-query-language.md) \ No newline at end of file +- [Learn the Advanced hunting query language](advanced-hunting-query-language.md) +- [View and organize alerts](alerts-queue) \ No newline at end of file From 7e15e88041f8c02ec7f26504a8bc0ffd67e73fe1 Mon Sep 17 00:00:00 2001 From: lomayor Date: Mon, 25 Nov 2019 13:10:27 -0800 Subject: [PATCH 10/31] Update custom-detection-rules.md --- .../microsoft-defender-atp/custom-detection-rules.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md index 36b9e4ffde..0238669332 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md +++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md @@ -128,4 +128,4 @@ You can also take the following actions on the rule from this page: - [Custom detections overview](overview-custom-detections.md) - [Advanced hunting overview](advanced-hunting-overview.md) - [Learn the Advanced hunting query language](advanced-hunting-query-language.md) -- [View and organize alerts](alerts-queue) \ No newline at end of file +- [View and organize alerts](alerts-queue) From a98e5cf9bc8d90296c5d2dbdd08f77da46c1fc81 Mon Sep 17 00:00:00 2001 From: lomayor Date: Mon, 25 Nov 2019 13:40:09 -0800 Subject: [PATCH 11/31] Update custom-detection-rules.md Added missed .md extension --- .../microsoft-defender-atp/custom-detection-rules.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md index 0238669332..fb3a52f9f4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md +++ b/windows/security/threat-protection/microsoft-defender-atp/custom-detection-rules.md @@ -128,4 +128,4 @@ You can also take the following actions on the rule from this page: - [Custom detections overview](overview-custom-detections.md) - [Advanced hunting overview](advanced-hunting-overview.md) - [Learn the Advanced hunting query language](advanced-hunting-query-language.md) -- [View and organize alerts](alerts-queue) +- [View and organize alerts](alerts-queue.md) From 4c5ee5e6477c2e755769d915be6c1e769f1dd7d7 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Mon, 25 Nov 2019 15:46:35 -0800 Subject: [PATCH 12/31] code updates to avoid confusion and address feedback issues --- .../endpoint-detection-response-mac-preview.md | 12 +++++++----- .../microsoft-defender-atp/mac-resources.md | 2 +- 2 files changed, 8 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md b/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md index b4823bcb7d..16dea875b1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md @@ -127,22 +127,24 @@ h. Select  **Manage > Assignments**. In the  **Include**  tab, select  * ## Enable the Insider program manually on a single machine -In the command prompt, run: +In terminal, run: ```bash mdatp --edr --early-preview true ``` ->[!NOTE] ->For this command to work, you will need to be at version 100.78.x. ->To get the latest version of the Microsoft Defender ATP for MAC, set the Microsoft AutoUpdate to “Fast Ring”. To get “Microsoft AutoUpdate”, download it from [Release history for Microsoft AutoUpdate (MAU)](https://docs.microsoft.com/officeupdates/release-history-microsoft-autoupdate). - +For versions earlier than 100.78.0, run: +```bash + mdatp --edr --earlyPreview true +``` ## Troubleshooting ### Verify you are running the correct version +To get the latest version of the Microsoft Defender ATP for Mac, set the Microsoft AutoUpdate to “Fast Ring”. To get “Microsoft AutoUpdate”, download it from [Release history for Microsoft AutoUpdate (MAU)](https://docs.microsoft.com/officeupdates/release-history-microsoft-autoupdate). + To verify you are running the correct version, run ‘mdatp --health’ on the machine. * The required version is 100.72.15 or later. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md index ad4bf7ef53..e35c4b95e5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-resources.md @@ -94,7 +94,7 @@ Important tasks, such as controlling product settings and triggering on-demand s |Protection |Do a full scan |`mdatp --scan --full` | |Protection |Cancel an ongoing on-demand scan |`mdatp --scan --cancel` | |Protection |Request a security intelligence update |`mdatp --definition-update` | -|EDR |Turn on/off EDR preview for Mac |`mdatp --edr --early-preview [true/false]` | +|EDR |Turn on/off EDR preview for Mac |`mdatp --edr --early-preview [true/false]` OR `mdatp --edr --earlyPreview [true/false]` for versions earlier than 100.78.0 | |EDR |Add group tag to machine. EDR tags are used for managing machine groups. For more information, please visit https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine-groups |`mdatp --edr --set-tag GROUP [name]` | |EDR |Remove group tag from machine |`mdatp --edr --remove-tag [name]` | From 3f0c6df1e8ab8a0a35d0774a14936b9b5f284497 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Mon, 25 Nov 2019 16:00:44 -0800 Subject: [PATCH 13/31] Added EOL --- .../whats-new-in-microsoft-defender-atp.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md index 658a41d9f0..c904e09dd8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md @@ -30,6 +30,8 @@ For more information preview features, see [Preview features](https://docs.micro ## November 2019 - [Microsoft Defender ATP for Mac](microsoft-defender-atp-mac.md)
Microsoft Defender ATP for Mac brings the next-generation protection to Mac devices. Core components of the unified endpoint security platform will now be available for Mac devices. ([Endpoint detection and response is currently in preview](preview.md).) + +- [Threat & Vulnerability Management application end-of-life notification](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
Applications which have reached their end-of-life are labeled as such so you are aware that it will no longer be supported, and can take action to either uninstall or replace. Doing so will help lessen your risk related to various vulnerability exposures due to unpatched applications. ## October 2019 From 56886d074fc32e4ea64a88534c39d4bf622d4872 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Mon, 25 Nov 2019 16:01:45 -0800 Subject: [PATCH 14/31] Update whats-new-in-microsoft-defender-atp.md --- .../whats-new-in-microsoft-defender-atp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md index c904e09dd8..0ffab6c531 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md @@ -31,7 +31,7 @@ For more information preview features, see [Preview features](https://docs.micro - [Microsoft Defender ATP for Mac](microsoft-defender-atp-mac.md)
Microsoft Defender ATP for Mac brings the next-generation protection to Mac devices. Core components of the unified endpoint security platform will now be available for Mac devices. ([Endpoint detection and response is currently in preview](preview.md).) -- [Threat & Vulnerability Management application end-of-life notification](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
Applications which have reached their end-of-life are labeled as such so you are aware that it will no longer be supported, and can take action to either uninstall or replace. Doing so will help lessen your risk related to various vulnerability exposures due to unpatched applications. +- [Threat & Vulnerability Management application end-of-life notification](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
Applications which have reached their end-of-life are labeled as such so you are aware that it will no longer be supported, and can take action to either uninstall or replace. Doing so will help lessen the risks related to various vulnerability exposures due to unpatched applications. ## October 2019 From f3d220dcdffa0190ffcafb03613549b4a6be35c9 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Mon, 25 Nov 2019 16:07:05 -0800 Subject: [PATCH 15/31] Added EOL --- .../microsoft-defender-atp/tvm-dashboard-insights.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md index f4a7c9d46e..4637041750 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md @@ -52,7 +52,7 @@ Area | Description (1) Menu | Select menu to expand the navigation pane and see the names of the Threat & Vulnerability Management capabilities. (2) Threat & Vulnerability Management navigation pane | Use the navigation pane to move across the **Threat and Vulnerability Management Dashboard**, **Security recommendations**, **Remediation**, **Software inventory**, and **Weaknesses**. **Dashboards** | Get a high-level view of the organization exposure score, organization configuration score, machine exposure distribution, top security recommendations, top vulnerable software, top remediation activities, and top exposed machines data. -**Security recommendations** | See the list of security recommendations, their related components, insights, number or exposed devices, impact, and request for remediation. You can click each item on the list, a flyout panel opens with vulnerability details, open the software page, see the remediation, and exception options. You can also open a ticket in Intune if your machines are joined through Azure Active Directory and you have enabled your Intune connections in Microsoft Defender ATP. See [Security recommendations](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation) for more information. +**Security recommendations** | See the list of security recommendations, their related components, whether applications in your network have reached their end-of-life, insights, number or exposed devices, impact, and request for remediation. You can click each item on the list, a flyout panel opens with vulnerability details, open the software page, see the remediation, and exception options. You can also open a ticket in Intune if your machines are joined through Azure Active Directory and you have enabled your Intune connections in Microsoft Defender ATP. See [Security recommendations](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation) for more information. **Remediation** | See the remediation activity, related component, remediation type, status, due date, option to export the remediation and process data to CSV, and active exceptions. See [Remediation and exception](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation) for more information. **Software inventory** | See the list of applications, versions, weaknesses, whether there’s an exploit found on the application, prevalence in the organization, how many were installed, how many exposed devices are there, and the numerical value of the impact. You can select each item in the list and opt to open the software page which shows the associated vulnerabilities, misconfigurations, affected machine, version distribution details, and missing KBs or security updates. See [Software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory) for more information. **Weaknesses** | See the list of common vulnerabilities and exposures, the severity, its common vulnerability scoring system (CVSS) V3 score, related software, age, when it was published, related threat alerts, and how many exposed machines are there. You can select each item in the list and it opens a flyout panel with the vulnerability description and other details. See [Weaknesses](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses) for more information. From e028c74a66a56321d102e076c5c68f2af86bb1ed Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Mon, 25 Nov 2019 16:11:42 -0800 Subject: [PATCH 16/31] Added EOL entry in software inventory description --- .../microsoft-defender-atp/tvm-dashboard-insights.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md index 4637041750..c28e2478ae 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md @@ -54,7 +54,7 @@ Area | Description **Dashboards** | Get a high-level view of the organization exposure score, organization configuration score, machine exposure distribution, top security recommendations, top vulnerable software, top remediation activities, and top exposed machines data. **Security recommendations** | See the list of security recommendations, their related components, whether applications in your network have reached their end-of-life, insights, number or exposed devices, impact, and request for remediation. You can click each item on the list, a flyout panel opens with vulnerability details, open the software page, see the remediation, and exception options. You can also open a ticket in Intune if your machines are joined through Azure Active Directory and you have enabled your Intune connections in Microsoft Defender ATP. See [Security recommendations](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation) for more information. **Remediation** | See the remediation activity, related component, remediation type, status, due date, option to export the remediation and process data to CSV, and active exceptions. See [Remediation and exception](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation) for more information. -**Software inventory** | See the list of applications, versions, weaknesses, whether there’s an exploit found on the application, prevalence in the organization, how many were installed, how many exposed devices are there, and the numerical value of the impact. You can select each item in the list and opt to open the software page which shows the associated vulnerabilities, misconfigurations, affected machine, version distribution details, and missing KBs or security updates. See [Software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory) for more information. +**Software inventory** | See the list of applications, versions, weaknesses, whether there’s an exploit found on the application, whether the application has reached its end-of-life, prevalence in the organization, how many were installed, how many exposed devices are there, and the numerical value of the impact. You can select each item in the list and opt to open the software page which shows the associated vulnerabilities, misconfigurations, affected machine, version distribution details, and missing KBs or security updates. See [Software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory) for more information. **Weaknesses** | See the list of common vulnerabilities and exposures, the severity, its common vulnerability scoring system (CVSS) V3 score, related software, age, when it was published, related threat alerts, and how many exposed machines are there. You can select each item in the list and it opens a flyout panel with the vulnerability description and other details. See [Weaknesses](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses) for more information. (3) Threat & Vulnerability Management dashboard | Access the **Exposure score**, **Configuration score**, **Exposure distribution**, **Top security recommendations**, **Top vulnerable software**, **Top remediation activities**, and **Top exposed machines**. **Selected machine groups (#/#)** | Filter the Threat & Vulnerability Management data that you want to see in the dashboard and widgets by machine groups. What you select in the filter applies throughout the Threat & Vulnerability management pages only. From 6d73a789b5ccb7393b429dd12b588db4be9d9536 Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 25 Nov 2019 16:26:28 -0800 Subject: [PATCH 17/31] add note to machine reports --- .../microsoft-defender-atp/machine-reports.md | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md index 22efe55158..adc8b53f70 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md +++ b/windows/security/threat-protection/microsoft-defender-atp/machine-reports.md @@ -34,21 +34,28 @@ Section | Description 2 | Machine summary (current day) - +## Machine trends By default, the machine trends displays machine information from the 30-day period ending in the latest full day. To gain better perspective on trends occurring in your organization, you can fine-tune the reporting period by adjusting the time period shown. To adjust the time period, select a time range from the drop-down options: - 30 days - 3 months - 6 months - Custom - -While the machines trends shows trending machine information, the machine summary shows machine information scoped to the current day. + +>[!NOTE] +>These filters are only applied on the machine trends section. It doesn't affect the machine summary section. + +## Machine summary +While the machines trends shows trending machine information, the machine summary shows machine information scoped to the current day. + +>[!NOTE] +>The data reflected in the summary section is scoped to 180 days prior to the current date. For example if today's date is March 27, 2019, the data on the summary section will reflect numbers starting from September 28, 2018 to March 27, 2019.
+> The filter applied on the trends section is not applied on the summary section. The machine trends section allows you to drill down to the machines list with the corresponding filter applied to it. For example, clicking on the Inactive bar in the Sensor health state card will bring you the machines list with results showing only machines whose sensor status is inactive. - ## Machine attributes The report is made up of cards that display the following machine attributes: From 75d256276794db51010b4df74ce0ea7274a105ea Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Mon, 25 Nov 2019 16:33:02 -0800 Subject: [PATCH 18/31] add note to threat report --- .../threat-protection-reports.md | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md index 7a7e652415..8d109610de 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md @@ -34,7 +34,7 @@ Section | Description 1 | Alerts trends 2 | Alert summary - +## Alert trends By default, the alert trends display alert information from the 30-day period ending in the latest full day. To gain better perspective on trends occurring in your organization, you can fine-tune the reporting period by adjusting the time period shown. To adjust the time period, select a time range from the drop-down options: - 30 days @@ -42,11 +42,18 @@ By default, the alert trends display alert information from the 30-day period en - 6 months - Custom +>[!NOTE] +>These filters are only applied on the alert trends section. It doesn't affect the alert summary section. + + +## Alert summary While the alert trends shows trending alert information, the alert summary shows alert information scoped to the current day. The alert summary allows you to drill down to a particular alert queue with the corresponding filter applied to it. For example, clicking on the EDR bar in the Detection sources card will bring you the alerts queue with results showing only alerts generated from EDR detections. - +>[!NOTE] +>The data reflected in the summary section is scoped to 180 days prior to the current date. For example if today's date is November 5, 2019, the data on the summary section will reflect numbers starting from May 5, 2019 to November 5, 2019.
+> The filter applied on the trends section is not applied on the summary section. ## Alert attributes The report is made up of cards that display the following alert attributes: From 0a3800533c5088293d56806fd842a996b0166850 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Mon, 25 Nov 2019 16:35:12 -0800 Subject: [PATCH 19/31] Added EOL entry --- .../microsoft-defender-atp/tvm-software-inventory.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md index d7927da6ce..e414184a8e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory.md @@ -28,9 +28,9 @@ ms.date: 04/11/2019 Microsoft Defender ATP Threat & Vulnerability management's discovery capability shows in the **Software inventory** page. The software inventory includes the name of the product or vendor, the latest version it is in, and the number of weaknesses and vulnerabilities detected with it. ## Navigate through your software inventory -1. Select **Software inventory** from the Threat & Vulnerability management navigation menu. -2. In the **Software inventory** page, select the application that you want to investigate and a flyout panel opens up with the software details, vendor information, prevalence in the organization, exposed machines, threat context, and its impact to your organization's exposure score. -3. In the flyout panel, select **Open software page** to dive deeper into your software inventory. You will see how many weaknesses are discovered with the application, devices exposed, installed machines, version distribution, and the corresponding security recommendations for the weaknesses and vulnerabilities identified. +1. Select **Software inventory** from the Threat & Vulnerability management navigation menu. The **Software inventory** page opens with a list of applications installed in your network, vendor name, weaknesses found, threats associated with them, exposed machines, impact, tags. You can also filter the software inventory list view based on weaknesses found in the applications, threats associated with them, and whether the applications have reached their end-of-life. +2. In the **Software inventory** page, select the application that you want to investigate and a flyout panel opens up with the same details mentioned above but in a more compact view. You can either dive deeper into the investigation and select **Open software page** or flag any technical inconsistencies by selecting **Report inaccuracy**. +3. Select **Open software page** to dive deeper into your software inventory to see how many weaknesses are discovered in the application, devices exposed, installed machines, version distribution, and the corresponding security recommendations for the weaknesses and vulnerabilities identified. ## How it works In the field of discovery, we are leveraging the same set of signals in Microsoft Defender ATP's endpoint detection and response that's responsible for detection, for vulnerability assessment. From a5e98596a83d278a1f6d2c87f9fa68f20477ff27 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Mon, 25 Nov 2019 16:48:23 -0800 Subject: [PATCH 20/31] Update tvm-remediation.md --- .../microsoft-defender-atp/tvm-remediation.md | 12 ++++++++++++ 1 file changed, 12 insertions(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md index cc1eb7285f..115df85fbe 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md @@ -31,6 +31,12 @@ After your organization's cybersecurity weaknesses are identified and mapped to You can lower down your organization's exposure from vulnerabilities and increase your security configuration by remediating the security recommendations. ## Navigate through your remediation options +You can access the remediation page in a few places in the portal: +- Security recommendation flyout panel +- Remediation in the navigation menu +- Top remediation activities widget in the dashboard + +### Security recommendation flyout page You'll see your remediation options when you select one of the security recommendation blocks from your **Top security recommendations** widget in the dashboard. 1. From the flyout panel, you'll see the security recommendation details including your next steps. Click **Remediation options**. 2. In the **Remediation options** page, select **Open a ticket in Intune (for AAD joined devices)**. @@ -43,6 +49,12 @@ You'll see your remediation options when you select one of the security recommen If you want to check how the ticket shows up in Intune, see [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details. +### Remediation in the navigation menu + + +### Top remediation activities widget in the dashboard + + ## How it works When you submit a remediation request from Threat & Vulnerability Management, it kicks-off a remediation activity. From dfa4a34beb082b26ca9b898ea170280b8e2fd86b Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Mon, 25 Nov 2019 17:10:43 -0800 Subject: [PATCH 21/31] Added EOL entry --- .../microsoft-defender-atp/tvm-remediation.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md index 115df85fbe..4e4535f166 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md @@ -36,7 +36,7 @@ You can access the remediation page in a few places in the portal: - Remediation in the navigation menu - Top remediation activities widget in the dashboard -### Security recommendation flyout page +*Security recommendation flyout page* You'll see your remediation options when you select one of the security recommendation blocks from your **Top security recommendations** widget in the dashboard. 1. From the flyout panel, you'll see the security recommendation details including your next steps. Click **Remediation options**. 2. In the **Remediation options** page, select **Open a ticket in Intune (for AAD joined devices)**. @@ -49,11 +49,13 @@ You'll see your remediation options when you select one of the security recommen If you want to check how the ticket shows up in Intune, see [Use Intune to remediate vulnerabilities identified by Microsoft Defender ATP](https://docs.microsoft.com/intune/atp-manage-vulnerabilities) for details. -### Remediation in the navigation menu - - -### Top remediation activities widget in the dashboard +*Remediation in the navigation menu* +1. Go to the Threat & Vulnerability Management navigation menu and select **Remediation** to open up the list of remediation activities and exceptions found in your organization. You can filter your view based on remediation type, machine remediation progress, and exception justification. If you want to see the remediation activities of applications which have reached their end-of-life, select **Software uninstall** from the **Remediation type** filter. +2. Select the remediation activity that you need to see or process. +*Top remediation activities widget in the dashboard* +1. Go to the Threat & Vulnerability Management dashboard and scroll down to the **Top remediation activities** widget. The list is sorted and prioritized based on what is listed in the **Top security recommendations**. +2. Select the remediation activity that you need to see or process. ## How it works @@ -61,7 +63,6 @@ When you submit a remediation request from Threat & Vulnerability Management, it It creates a security task which will be tracked in Threat & Vulnerability Management **Remediation** page, and it also creates a remediation ticket in Microsoft Intune. - The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task. ## When to file for exception instead of remediating issues From 3c810819afaa5733f73eb2655e3ae3f9128756df Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Mon, 25 Nov 2019 17:11:25 -0800 Subject: [PATCH 22/31] Update tvm-remediation.md --- .../threat-protection/microsoft-defender-atp/tvm-remediation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md index 4e4535f166..c97c72e028 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md @@ -37,7 +37,7 @@ You can access the remediation page in a few places in the portal: - Top remediation activities widget in the dashboard *Security recommendation flyout page* -You'll see your remediation options when you select one of the security recommendation blocks from your **Top security recommendations** widget in the dashboard. +
You'll see your remediation options when you select one of the security recommendation blocks from your **Top security recommendations** widget in the dashboard. 1. From the flyout panel, you'll see the security recommendation details including your next steps. Click **Remediation options**. 2. In the **Remediation options** page, select **Open a ticket in Intune (for AAD joined devices)**. From b6858ab75cab957392cbeaa40f31fee68f426020 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Mon, 25 Nov 2019 17:22:51 -0800 Subject: [PATCH 23/31] Added EOL --- .../microsoft-defender-atp/tvm-security-recommendation.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md index 388cc4aba3..e7cb56cb23 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation.md @@ -53,7 +53,7 @@ You can click on each one of them and see the details, the description, the pote From that page, you can do any of the following depending on what you need to do: -- Open software page - Drill down and open the software page to get more context of the software details, prevalence in the organization, weaknesses discovered, version distribution, and charts so you can see the exposure trend over time. +- Open software page - Drill down and open the software page to get more context of the software details, prevalence in the organization, weaknesses discovered, version distribution, application end-of-life, and charts so you can see the exposure trend over time. - Choose from remediation options - Submit a remediation request to open a ticket in Microsoft Intune for your IT Administrator to pick up and address. From 840086bbfa1031c776a607e40e9640319a7b2090 Mon Sep 17 00:00:00 2001 From: scooley Date: Mon, 25 Nov 2019 18:11:17 -0800 Subject: [PATCH 24/31] added release notes page --- devices/hololens/TOC.md | 1 + devices/hololens/hololens-release-notes.md | 92 ++++++++++++++++++++++ 2 files changed, 93 insertions(+) create mode 100644 devices/hololens/hololens-release-notes.md diff --git a/devices/hololens/TOC.md b/devices/hololens/TOC.md index 159effd554..5012889acc 100644 --- a/devices/hololens/TOC.md +++ b/devices/hololens/TOC.md @@ -1,4 +1,5 @@ # [HoloLens overview](index.md) +# [Release Notes](hololens-reelase-notes.md) # [Hololens status](hololens-status.md) # Get Started with HoloLens 2 diff --git a/devices/hololens/hololens-release-notes.md b/devices/hololens/hololens-release-notes.md new file mode 100644 index 0000000000..f6e3eb0065 --- /dev/null +++ b/devices/hololens/hololens-release-notes.md @@ -0,0 +1,92 @@ +--- +title: What's new in Microsoft HoloLens +description: Learn about updates in each new HoloLens release. +author: scooley +ms.author: scooley +manager: dansimp +ms.prod: hololens +ms.sitesec: library +ms.topic: article +ms.localizationpriority: medium +ms.date: 10/14/2019 +audience: ITPro +appliesto: +- HoloLens 1 +- HoloLens 2 + +--- + +# HoloLens Release Notes + +## HoloLens 2 + +### November Update + + + +## HoloLens (1st gen) + +### Windows 10 Holographic, version 1809 + +> **Applies to:** Hololens (1st gen) + +| Feature | Details | +|---|---| +| **Quick actions menu** | When you're in an app, the Bloom gesture will now open a Quick actions menu to give you quick access to commonly used system features without having to leave the app.
See [Set up HoloLens in kiosk mode](hololens-kiosk.md) for information about the Quick actions menu in kiosk mode.

![sample of the Quick actions menu](images/minimenu.png) | +| **Stop video capture from the Start or quick actions menu** | If you start video capture from the Start menu or quick actions menu, you’ll be able to stop recording from the same place. (Don’t forget, you can always do this with voice commands too.) | +| **Project to a Miracast-enabled device** | Project your HoloLens content to a nearby Surface device or TV/Monitor if using Microsoft Display adapter. On **Start**, select **Connect**, and then select the device you want to project to. **Note:** You can deploy HoloLens to use Miracast projection without enabling developer mode. | +| **New notifications** | View and respond to notification toasts on HoloLens, just like you do on a PC. Gaze to respond to or dismiss them (or if you’re in an immersive experience, use the bloom gesture). | +| **HoloLens overlays**
(file picker, keyboard, dialogs, etc.) | You’ll now see overlays such as the keyboard, dialogs, file picker, etc. when using immersive apps. | +| **Visual feedback overlay UI for volume change** | When you use the volume up/down buttons on your HoloLens you’ll see a visual display of the volume level. | +| **New UI for device boot** | A loading indicator was added during the boot process to provide visual feedback that the system is loading. Reboot your device to see the new loading indicator—it’s between the "Hello" message and the Windows boot logo. | +| **Nearby sharing** | Addition of the Windows Nearby Sharing experience, allowing you to share a capture with a nearby Windows device. When you capture a photo or video on HoloLens (or use the share button from an app such as Microsoft Edge), select a nearby Windows device to share with. | +| **Share from Microsoft Edge** | Share button is now available on Microsoft Edge windows on HoloLens. In Microsoft Edge, select **Share**. Use the HoloLens share picker to share web content. | + +#### For international customers + +| Feature | Details | +| --- | --- | +| Localized Chinese and Japanese builds | Use HoloLens with localized user interface for Simplified Chinese or Japanese, including localized Pinyin keyboard, dictation, and voice commands.
[Learn how to install the Chinese and Japanese versions of HoloLens.](hololens1-install-localized.md) | +| Speech Synthesis (TTS) | Speech synthesis feature now supports Chinese, Japanese, and English. | + +#### For administrators + +| Feature | Details | +|---|----| +| [Enable post-setup provisioning](hololens-provisioning.md) | You can now apply a runtime provisioning package at any time using **Settings**. | +| Assigned access with Azure AD groups | You can now use Azure AD groups for configuration of Windows assigned access to set up single or multi-app kiosk configuration. | +| PIN sign-in on profile switch from sign-in screen | PIN sign-in is now available for **Other User**. | +| Sign in with Web Credential Provider using password | You can now select the Globe sign-in option to launch web sign-in with your password. From the sign-in screen, select **Sign-In options** and select the Globe option to launch web sign-in. Enter your user name if needed, then your password.
**Note:** You can choose to bypass any PIN/Smartcard options when prompted during web sign-in. | +| Read device hardware info through MDM so devices can be tracked by serial number | IT administrators can see and track HoloLens by device serial number in their MDM console. Refer to your MDM documentation for feature availability and instructions. | +| Set HoloLens device name through MDM (rename) | IT administrators can see and rename HoloLens devices in their MDM console. Refer to your MDM documentation for feature availability and instructions. | + +### Windows 10, version 1803 for Microsoft HoloLens + +> **Applies to:** Hololens (1st gen) + +Windows 10, version 1803, is the first feature update to Windows Holographic for Business since its release in Windows 10, version 1607. This update introduces the following changes: + +- Previously, you could only verify that upgrade license for Commercial Suite had been applied to your HoloLens device by checking to see if VPN was an available option on the device. Now, **Settings** > **System** will display **Windows Holographic for Business** after the upgrade license is applied. [Learn how to unlock Windows Holographic for Business features](hololens1-upgrade-enterprise.md). + +- You can view the operating system build number in device properties in the File Explorer app and in the [Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379/windows-10-mobile-device-recovery-tool-faq). +- Provisioning a HoloLens device is now easier with the new **Provision HoloLens devices** wizard in the Windows Configuration Designer tool. In the wizard, you can configure the setup experience and network connections, set developer mode, and obtain bulk Azure AD tokens. [Learn how to use the simple provisioning wizard for HoloLens](hololens-provisioning.md#wizard). + + ![Provisioning HoloLens devices](images/provision-hololens-devices.png) + +- When you create a local account in a provisioning package, the password no longer expires every 42 days. + +- You can [configure HoloLens as a single-app or multi-app kiosk](hololens-kiosk.md). Multi-app kiosk mode lets you set up a HoloLens to only run the apps that you specify, and prevents users from making changes. + +- Media Transfer Protocol (MTP) is enabled so that you can connect the HoloLens device to a PC by USB and transfer files between HoloLens and the PC. You can also use the File Explorer app to move and delete files from within HoloLens. + +- Previously, after you signed in to the device with an Azure Active Directory (Azure AD) account, you then had to **Add work access** in **Settings** to get access to corporate resources. Now, you sign in with an Azure AD account and enrollment happens automatically. + +- Before you sign in, you can choose the network icon below the password field to choose a different Wi-Fi network to connect to. You can also connect to a guest network, such as at a hotel, conference center, or business. + +- You can now easily [share HoloLens with multiple people](hololens-multiple-users.md) using Azure AD accounts. + +- When setup or sign-in fails, choose the new **Collect info** option to get diagnostic logs for troubleshooting. + +- Individual users can sync their corporate email without enrolling their device in mobile device management (MDM). You can use the device with a Microsoft Account, download and install the Mail app, and add an email account directly. + +- You can check the MDM sync status for a device in **Settings** > **Accounts** > **Access Work or School** > **Info**. In the **Device sync status** section, you can start a sync, see areas managed by MDM, and create and export an advanced diagnostics report. From 4660f0cbe909d4ed4b73cf77de42726c5bd32f0a Mon Sep 17 00:00:00 2001 From: scooley Date: Mon, 25 Nov 2019 18:19:10 -0800 Subject: [PATCH 25/31] november update --- devices/hololens/hololens-release-notes.md | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/devices/hololens/hololens-release-notes.md b/devices/hololens/hololens-release-notes.md index f6e3eb0065..d9c8fcb96b 100644 --- a/devices/hololens/hololens-release-notes.md +++ b/devices/hololens/hololens-release-notes.md @@ -20,9 +20,12 @@ appliesto: ## HoloLens 2 -### November Update - +### November Update - build 18362.1039 +- Fixes for **"Select"** voice commands during initial set-up for en-CA and en-AU. +- Improvements in visual quality of objects placed far away in latest Unity and MRTK versions. +- Fixes addressing issues with holographic applications being stuck in a paused state on launch until the pins panel is brought up and dismissed again. +- OpenXR runtime conformance fixes and improvements for HoloLens 2 and the emulator. ## HoloLens (1st gen) From 273538471de6bd3156b276a50eeba7e8fe752e17 Mon Sep 17 00:00:00 2001 From: scooley Date: Mon, 25 Nov 2019 18:21:43 -0800 Subject: [PATCH 26/31] spelling fix -.- --- devices/hololens/TOC.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/devices/hololens/TOC.md b/devices/hololens/TOC.md index 5012889acc..a65e790dd6 100644 --- a/devices/hololens/TOC.md +++ b/devices/hololens/TOC.md @@ -1,5 +1,5 @@ # [HoloLens overview](index.md) -# [Release Notes](hololens-reelase-notes.md) +# [Release Notes](hololens-release-notes.md) # [Hololens status](hololens-status.md) # Get Started with HoloLens 2 From 01c2a0b59c87bae21d72a9755c77501ba7902c09 Mon Sep 17 00:00:00 2001 From: scooley Date: Mon, 25 Nov 2019 18:22:41 -0800 Subject: [PATCH 27/31] reorganized TOC slightly --- devices/hololens/TOC.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/devices/hololens/TOC.md b/devices/hololens/TOC.md index a65e790dd6..8b9e64d2f9 100644 --- a/devices/hololens/TOC.md +++ b/devices/hololens/TOC.md @@ -1,6 +1,4 @@ # [HoloLens overview](index.md) -# [Release Notes](hololens-release-notes.md) -# [Hololens status](hololens-status.md) # Get Started with HoloLens 2 ## [HoloLens 2 hardware](hololens2-hardware.md) @@ -61,5 +59,7 @@ ## [Known issues](hololens-known-issues.md) ## [Frequently asked questions](hololens-faq.md) +# [Release Notes](hololens-release-notes.md) +# [Hololens status](hololens-status.md) # [Give us feedback](hololens-feedback.md) # [Change history for Microsoft HoloLens documentation](change-history-hololens.md) From e7210e5761738d6e2a4ca5b99787ef13d476dc08 Mon Sep 17 00:00:00 2001 From: John Kaiser <35939694+CoveMiner@users.noreply.github.com> Date: Mon, 25 Nov 2019 18:24:15 -0800 Subject: [PATCH 28/31] Update windows-autopilot-and-surface-devices.md --- devices/surface/windows-autopilot-and-surface-devices.md | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/devices/surface/windows-autopilot-and-surface-devices.md b/devices/surface/windows-autopilot-and-surface-devices.md index 00b08cc73a..2be171841b 100644 --- a/devices/surface/windows-autopilot-and-surface-devices.md +++ b/devices/surface/windows-autopilot-and-surface-devices.md @@ -13,7 +13,7 @@ ms.author: dansimp ms.topic: article ms.localizationpriority: medium ms.audience: itpro -ms.date: 10/21/2019 +ms.date: 11/26/2019 --- # Windows Autopilot and Surface devices @@ -35,10 +35,17 @@ Enrolling Surface devices in Windows Autopilot at the time of purchase is a capa When you purchase Surface devices from a Surface partner enabled for Windows Autopilot, your new devices can be enrolled in your Windows Autopilot deployment for you by the partner. Surface partners enabled for Windows Autopilot include: +- [ALSO](https://www.also.com/ec/cms5/de_1010/1010_anbieter/microsoft/windows-autopilot/index.jsp) - [Atea](https://www.atea.com/) +- [Bechtle](https://www.bechtle.com/de-en) +- [Cancom](https://www.cancom.de/) +- [CDW](https://www.cdw.com/) +- [Computacenter](https://www.computacenter.com/uk) - [Connection](https://www.connection.com/brand/microsoft/microsoft-surface) - [Insight](https://www.insight.com/en_US/buy/partner/microsoft/surface/windows-autopilot.html) - [SHI](https://www.shi.com/Surface) +- [Synnex](https://www.synnexcorp.com/us/microsoft/surface-autopilot/) +- [Techdata](https://www.techdata.com/) ## Learn more For more information about Windows Autopilot, refer to: From 94e0ef953b1642c39af1031ec63179c560b2cb52 Mon Sep 17 00:00:00 2001 From: John Liu <49762389+ShenLanJohn@users.noreply.github.com> Date: Mon, 25 Nov 2019 19:08:52 -0800 Subject: [PATCH 29/31] CAT Auto Pulish for Windows Release Messages - CAT_AutoPublish_20191125172554 (#1598) --- .../status-windows-10-1903.yml | 16 ++-------------- .../status-windows-10-1909.yml | 4 ++-- 2 files changed, 4 insertions(+), 16 deletions(-) diff --git a/windows/release-information/status-windows-10-1903.yml b/windows/release-information/status-windows-10-1903.yml index 804016b432..5164040208 100644 --- a/windows/release-information/status-windows-10-1903.yml +++ b/windows/release-information/status-windows-10-1903.yml @@ -64,8 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ - @@ -73,8 +73,6 @@ sections: - -
SummaryOriginating updateStatusLast updated
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus.

See details >		N/A

Mitigated External
November 25, 2019
05:25 PM PT
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved External
November 22, 2019
04:10 PM PT
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus.

See details >		N/A

Mitigated External
November 22, 2019
04:10 PM PT
Unable to discover or connect to Bluetooth devices using some Realtek adapters
Microsoft has identified compatibility issues with some versions of Realtek Bluetooth radio drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved External
November 15, 2019
05:59 PM PT
Updates may fail to install and you may receive Error 0x80073701
Installation of updates may fail and you may receive error code 0x80073701.

See details >		OS Build 18362.145

May 29, 2019
KB4497935		Resolved
November 12, 2019
08:11 AM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 18362.356

September 10, 2019
KB4515384		Mitigated
November 12, 2019
08:05 AM PT
Intel Audio displays an intcdaud.sys notification
Devices with a range of Intel Display Audio device drivers may experience battery drain.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved External
November 12, 2019
08:04 AM PT
Gamma ramps, color profiles, and night light settings do not apply in some cases
Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4505903		July 26, 2019
02:00 PM PT
Cannot launch Camera app
Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4501375		June 27, 2019
10:00 AM PT
Unable to discover or connect to Bluetooth devices using some Qualcomm adapters
Microsoft has identified compatibility issues with some versions of Qualcomm Bluetooth radio drivers.

See details >		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4517389		October 08, 2019
10:00 AM PT
Safeguard on certain devices with some Intel and Broadcom Wi-Fi adapters
Some devices with Intel Centrino 6205/6235 and Broadcom 802.11ac Wi-Fi cards may experience compatibility issues.

See details >		N/A

Resolved
KB4522355		October 24, 2019
10:00 AM PT
" @@ -90,7 +88,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast Antivirus and AVG Antivirus. Any application from Avast or AVG that contains Antivirus version 19.5.4444.567 or earlier is affected.

To safeguard your upgrade experience, we have applied a hold on devices with affected Avast and AVG Antivirus from being offered or installing Windows 10, version 1903 or Windows 10, version 1909, until the application is updated.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903
  • Server: Windows Server, version 1909; Windows Server, version 1903
Workaround: Before updating to Windows 10, version 1903 or Windows 10, version 1909, you will need to download and install an updated version of your Avast or AVG application. Guidance for Avast and AVG customers can be found in the following support articles:
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new version of your Avast or AVG application has been installed and the Windows 10, version 1903 or Windows 10, version 1909 feature update has been automatically offered to you.

Back to top		N/A

Mitigated External
Last updated:
November 22, 2019
04:10 PM PT

Opened:
November 22, 2019
04:10 PM PT
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some older versions of Avast Antivirus and AVG Antivirus that might still be installed by a small number of users. Any application from Avast or AVG that contains Antivirus version 19.5.4444.567 or earlier is affected.

To safeguard your upgrade experience, we have applied a hold on devices with affected Avast and AVG Antivirus from being offered or installing Windows 10, version 1903 or Windows 10, version 1909, until the application is updated.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903
  • Server: Windows Server, version 1909; Windows Server, version 1903
Workaround: Before updating to Windows 10, version 1903 or Windows 10, version 1909, you will need to download and install an updated version of your Avast or AVG application. Guidance for Avast and AVG customers can be found in the following support articles:
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new version of your Avast or AVG application has been installed and the Windows 10, version 1903 or Windows 10, version 1909 feature update has been automatically offered to you.

Back to top		N/A

Mitigated External
Last updated:
November 25, 2019
05:25 PM PT

Opened:
November 22, 2019
04:10 PM PT
TLS connections might fail or timeout
Updates for Windows released October 8, 2019 or later provide protections, tracked by CVE-2019-1318, against an attack that could allow unauthorized access to information or data within TLS connections. This type of attack is known as a man-in-the-middle exploit. Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (RFC 7627). Lack of RFC support might cause one or more of the following errors or logged events:
  • \"The request was aborted: Could not create SSL/TLS secure Channel\"
  • SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.​\"
Affected platforms:
  • Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1
  • Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2

Next Steps: Connections between two devices running any supported version of Windows should not have this issue when fully updated. There is no update for Windows needed for this issue. These changes are required to address a security issue and security compliance. For information, see KB4528489.

Back to top		OS Build 18362.418

October 08, 2019
KB4517389		Mitigated External
Last updated:
November 05, 2019
03:36 PM PT

Opened:
November 05, 2019
03:36 PM PT
" @@ -101,16 +99,6 @@ sections: text: " - -
DetailsOriginating updateStatusHistory
Unable to create local users in Chinese, Japanese and Korean during device setup
When setting up a new Windows device using the Out of Box Experience (OOBE), you might be unable to create a local user when using Input Method Editor (IME). This issue might affect you if you are using the IME for Chinese, Japanese, or Korean languages.

Note This issue does not affect using a Microsoft Account during OOBE.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709
  • Server: Windows Server, version 1909; Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709
Workaround: To mitigate this issue, set the keyboard language to English during user creation or use a Microsoft Account to complete OOBE. You can set the keyboard language back to your preferred language after user creation. Once the OOBE is done and you are at the desktop, you can rename the current user using these instructions. If you prefer to create a new local user, see KB4026923.

Next steps: We are working on a resolution and will provide an update in an upcoming release.

Back to top		OS Build 18362.356

September 10, 2019
KB4515384		Mitigated
Last updated:
November 12, 2019
08:05 AM PT

Opened:
October 29, 2019
05:15 PM PT
Unable to discover or connect to Bluetooth devices using some Qualcomm adapters
Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Qualcomm. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Qualcomm Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.

Affected platforms:
  • Client: Windows 10, version 1903
  • Server: Windows Server, version 1903
Resolution: This issue was resolved in KB4517389 and the safeguard hold has been removed. Please note, it can take up to 48 hours before you can update to offered Windows 10, version 1903 or Windows Server, version 1903.

Back to top		OS Build 18362.116

May 21, 2019
KB4505057		Resolved
KB4517389		Resolved:
October 08, 2019
10:00 AM PT

Opened:
October 25, 2019
04:21 PM PT
- " - -- title: September 2019 -- items: - - type: markdown - text: " - -
DetailsOriginating updateStatusHistory
Safeguard on certain devices with some Intel and Broadcom Wi-Fi adapters
Microsoft and NEC have found incompatibility issues with Intel Centrino 6205/6235 and Broadcom 802.11ac Wi-Fi cards when running Windows 10, version 1903 on specific models of NEC devices. If these devices are updated to Windows 10, version 1903, they will no longer be able to use any Wi-Fi connections. The Wi-Fi driver may have a yellow exclamation point in device manager. The task tray icon for networking may show the icon for no internet and Network & Internet settings may not show any Wi-Fi networks.

To safeguard your update experience, we have applied a compatibility hold on the affected devices from being offered Windows 10, version 1903.

Affected platforms:
  • Client: Windows 10, version 1903
Resolution: This issue was resolved in KB4522355. The safeguard hold is estimated to be removed in mid-November.

Back to top		N/A

Resolved
KB4522355		Resolved:
October 24, 2019
10:00 AM PT

Opened:
September 13, 2019
05:25 PM PT
" diff --git a/windows/release-information/status-windows-10-1909.yml b/windows/release-information/status-windows-10-1909.yml index 34d19acbca..65eca24a0c 100644 --- a/windows/release-information/status-windows-10-1909.yml +++ b/windows/release-information/status-windows-10-1909.yml @@ -64,8 +64,8 @@ sections: - type: markdown text: "
This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.

+ -
SummaryOriginating updateStatusLast updated
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus.

See details >		N/A

Mitigated External
November 25, 2019
05:25 PM PT
Intermittent loss of Wi-Fi connectivity
Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver.

See details >		OS Build 18363.476

November 12, 2019
KB4524570		Resolved External
November 22, 2019
04:10 PM PT
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus.

See details >		N/A

Mitigated External
November 22, 2019
04:10 PM PT
Unable to discover or connect to Bluetooth devices using some Realtek adapters
Microsoft has identified compatibility issues with some versions of Realtek Bluetooth radio drivers.

See details >		OS Build 18363.476

November 12, 2019
KB4524570		Resolved External
November 15, 2019
05:59 PM PT
Unable to create local users in Chinese, Japanese and Korean during device setup
You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.

See details >		OS Build 18363.476

November 12, 2019
KB4524570		Mitigated
November 12, 2019
08:05 AM PT
@@ -83,7 +83,7 @@ sections: - type: markdown text: " - +
DetailsOriginating updateStatusHistory
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some versions of Avast Antivirus and AVG Antivirus. Any application from Avast or AVG that contains Antivirus version 19.5.4444.567 or earlier is affected.

To safeguard your upgrade experience, we have applied a hold on devices with affected Avast and AVG Antivirus from being offered or installing Windows 10, version 1903 or Windows 10, version 1909, until the application is updated.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903
  • Server: Windows Server, version 1909; Windows Server, version 1903
Workaround: Before updating to Windows 10, version 1903 or Windows 10, version 1909, you will need to download and install an updated version of your Avast or AVG application. Guidance for Avast and AVG customers can be found in the following support articles:
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new version of your Avast or AVG application has been installed and the Windows 10, version 1903 or Windows 10, version 1909 feature update has been automatically offered to you.

Back to top		N/A

Mitigated External
Last updated:
November 22, 2019
04:10 PM PT

Opened:
November 22, 2019
04:10 PM PT
Issues with some older versions of Avast and AVG anti-virus products
Microsoft and Avast has identified compatibility issues with some older versions of Avast Antivirus and AVG Antivirus that might still be installed by a small number of users. Any application from Avast or AVG that contains Antivirus version 19.5.4444.567 or earlier is affected.

To safeguard your upgrade experience, we have applied a hold on devices with affected Avast and AVG Antivirus from being offered or installing Windows 10, version 1903 or Windows 10, version 1909, until the application is updated.

Affected platforms:
  • Client: Windows 10, version 1909; Windows 10, version 1903
  • Server: Windows Server, version 1909; Windows Server, version 1903
Workaround: Before updating to Windows 10, version 1903 or Windows 10, version 1909, you will need to download and install an updated version of your Avast or AVG application. Guidance for Avast and AVG customers can be found in the following support articles:
Note We recommend that you do not attempt to manually update using the Update now button or the Media Creation Tool until a new version of your Avast or AVG application has been installed and the Windows 10, version 1903 or Windows 10, version 1909 feature update has been automatically offered to you.

Back to top		N/A

Mitigated External
Last updated:
November 25, 2019
05:25 PM PT

Opened:
November 22, 2019
04:10 PM PT
" From c6062387ca84644481fb8c8c149c159321a1d746 Mon Sep 17 00:00:00 2001 From: Dulce Montemayor Date: Tue, 26 Nov 2019 08:50:56 -0800 Subject: [PATCH 30/31] Update whats-new-in-microsoft-defender-atp.md --- .../whats-new-in-microsoft-defender-atp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md index 0ffab6c531..2782279fcc 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md @@ -31,7 +31,7 @@ For more information preview features, see [Preview features](https://docs.micro - [Microsoft Defender ATP for Mac](microsoft-defender-atp-mac.md)
Microsoft Defender ATP for Mac brings the next-generation protection to Mac devices. Core components of the unified endpoint security platform will now be available for Mac devices. ([Endpoint detection and response is currently in preview](preview.md).) -- [Threat & Vulnerability Management application end-of-life notification](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
Applications which have reached their end-of-life are labeled as such so you are aware that it will no longer be supported, and can take action to either uninstall or replace. Doing so will help lessen the risks related to various vulnerability exposures due to unpatched applications. +- [Threat & Vulnerability Management application end-of-life notification](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation)
Applications which have reached their end-of-life are labeled as such so you are aware that they will no longer be supported, and can take action to either uninstall or replace. Doing so will help lessen the risks related to various vulnerability exposures due to unpatched applications. ## October 2019 From b6e7ba7b3b8e6cdc49ed12f84cf9d83278edf3ec Mon Sep 17 00:00:00 2001 From: maximvelichko Date: Tue, 26 Nov 2019 11:04:16 -0800 Subject: [PATCH 31/31] Change notice for running with other AV --- .../microsoft-defender-atp/microsoft-defender-atp-mac.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md index c64de21b8c..6cad2a8034 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md @@ -23,7 +23,7 @@ ms.topic: conceptual This topic describes how to install, configure, update, and use Microsoft Defender ATP for Mac. > [!CAUTION] -> Running other third-party endpoint protection products alongside Microsoft Defender ATP for Mac is likely to lead to performance problems and unpredictable side effects. +> Running other third-party endpoint protection products alongside Microsoft Defender ATP for Mac is likely to lead to performance problems and unpredictable side effects. If non-Microsoft endpoint protection is an absolute requirement in your environment, you can still safely take advantage of MDATP for Mac EDR functionality after configuring MDATP for Mac antivirus functionality to run in [Passive mode](mac-preferences.md#enable--disable-passive-mode). ## What’s new in the latest release