From d383abf06cf5469119d5549a6cc6c7b86cb81c6e Mon Sep 17 00:00:00 2001 From: Joey Caparas Date: Wed, 9 Jun 2021 11:05:13 -0700 Subject: [PATCH 1/4] revert --- windows/client-management/mdm/defender-csp.md | 74 +------------------ 1 file changed, 3 insertions(+), 71 deletions(-) diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md index dbdc03e3aa..a97b4484db 100644 --- a/windows/client-management/mdm/defender-csp.md +++ b/windows/client-management/mdm/defender-csp.md @@ -10,7 +10,7 @@ ms.prod: w10 ms.technology: windows author: dansimp ms.localizationpriority: medium -ms.date: 06/07/2021 +ms.date: 06/02/2021 --- # Defender CSP @@ -59,9 +59,6 @@ Defender --------TamperProtection (Added in Windows 10, version 1903) --------EnableFileHashComputation (Added in Windows 10, version 1903) --------SupportLogLocation (Added in the next major release of Windows 10) ---------PlatformUpdatesChannel (Added with the 4.18.2105.4 Defender platform release) ---------EngineUpdatesChannel (Added with the 4.18.2105.4 Defender platform release) ---------DefinitionUpdatesChannel (Added with the 4.18.2105.4 Defender platform release) ----Scan ----UpdateSignature ----OfflineScan (Added in Windows 10 version 1803) @@ -521,74 +518,9 @@ When enabled or disabled exists on the client and admin moves the setting to not More details: -- [Microsoft Defender Antivirus diagnostic data](/microsoft-365/security/defender-endpoint/collect-diagnostic-data) +- [Microsoft Defender AV diagnostic data](/microsoft-365/security/defender-endpoint/collect-diagnostic-data) - [Collect investigation package from devices](/microsoft-365/security/defender-endpoint/respond-machine-alerts#collect-investigation-package-from-devices) -**Configuration/PlatformUpdatesChannel** -Enable this policy to specify when devices receive Microsoft Defender platform updates during the monthly gradual rollout. - -Beta Channel: Devices set to this channel will be the first to receive new updates. Select Beta Channel to participate in identifying and reporting issues to Microsoft. Devices in the Windows Insider Program are subscribed to this channel by default. For use in (manual) test environments only and a limited number of devices. - -Current Channel (Preview): Devices set to this channel will be offered updates earliest during the monthly gradual release cycle. Suggested for pre-production/validation environments. - -Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested to apply to a small, representative part of your production population (~10%). - -Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). - -If you disable or do not configure this policy, the device will stay up to date automatically during the gradual release cycle. Suitable for most devices. - -The data type is integer. - -Supported operations are Add, Delete, Get, Replace. - -Valid values are: -• 0: Not configured (Default) -• 1: Beta Channel - Prerelease -• 2: Current Channel (Preview) -• 3: Current Channel (Staged) -• 4: Current Channel (Broad) - -**Configuration/EngineUpdatesChannel** -Enable this policy to specify when devices receive Microsoft Defender engine updates during the monthly gradual rollout. - -Beta Channel: Devices set to this channel will be the first to receive new updates. Select Beta Channel to participate in identifying and reporting issues to Microsoft. Devices in the Windows Insider Program are subscribed to this channel by default. For use in (manual) test environments only and a limited number of devices. - -Current Channel (Preview): Devices set to this channel will be offered updates earliest during the monthly gradual release cycle. Suggested for pre-production/validation environments. - -Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested to apply to a small, representative part of your production population (~10%). - -Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). - -If you disable or do not configure this policy, the device will stay up to date automatically during the gradual release cycle. Suitable for most devices. - -The data type is integer. - -Supported operations are Add, Delete, Get, Replace. - -Valid values are: -- 0 - Not configured (Default) -- 1 - Beta Channel - Prerelease -- 2 - Current Channel (Preview) -- 3 - Current Channel (Staged) -- 4 - Current Channel (Broad) - -**Configuration/DefinitionUpdatesChannel** -Enable this policy to specify when devices receive daily Microsoft Defender definition updates during the daily gradual rollout. - -Current Channel (Staged): Devices will be offered updates after the release cycle. Suggested to apply to a small, representative part of production population (~10%) - -Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). - -If you disable or do not configure this policy, the device will stay up to date automatically during the daily release cycle. Suitable for most devices. - -The data type is integer. -Supported operations are Add, Delete, Get, Replace. - -Valid Values are: -• 0: Not configured (Default) -• 3: Current Channel (Staged) -• 4: Current Channel (Broad) - **Scan** Node that can be used to start a Windows Defender scan on a device. @@ -610,4 +542,4 @@ Supported operations are Get and Execute. ## Related topics -[Configuration service provider reference](configuration-service-provider-reference.md) +[Configuration service provider reference](configuration-service-provider-reference.md) \ No newline at end of file From c19599c11a1f5a02bbdcb61d8d7124d10474c363 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 9 Jun 2021 11:20:21 -0700 Subject: [PATCH 2/4] Update defender-csp.md --- windows/client-management/mdm/defender-csp.md | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md index a97b4484db..a423b48612 100644 --- a/windows/client-management/mdm/defender-csp.md +++ b/windows/client-management/mdm/defender-csp.md @@ -94,11 +94,11 @@ The data type is integer. The following list shows the supported values: -- 0 = Unknown -- 1 = Low -- 2 = Moderate -- 4 = High -- 5 = Severe +- 0 = Unknown +- 1 = Low +- 2 = Moderate +- 4 = High +- 5 = Severe Supported operation is Get. From ab77e37ba969b67c526233351346af25df4d4089 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 9 Jun 2021 11:20:46 -0700 Subject: [PATCH 3/4] Update defender-csp.md --- windows/client-management/mdm/defender-csp.md | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/windows/client-management/mdm/defender-csp.md b/windows/client-management/mdm/defender-csp.md index a423b48612..eeb53adf0b 100644 --- a/windows/client-management/mdm/defender-csp.md +++ b/windows/client-management/mdm/defender-csp.md @@ -171,17 +171,17 @@ The data type is integer. The following list shows the supported values: -- 0 = Active -- 1 = Action failed -- 2 = Manual steps required -- 3 = Full scan required -- 4 = Reboot required -- 5 = Remediated with noncritical failures -- 6 = Quarantined -- 7 = Removed -- 8 = Cleaned -- 9 = Allowed -- 10 = No Status ( Cleared) +- 0 = Active +- 1 = Action failed +- 2 = Manual steps required +- 3 = Full scan required +- 4 = Reboot required +- 5 = Remediated with noncritical failures +- 6 = Quarantined +- 7 = Removed +- 8 = Cleaned +- 9 = Allowed +- 10 = No Status ( Cleared) Supported operation is Get. From 3a0889b5734ecd753d7682e8ff761d7febc12b15 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 9 Jun 2021 11:26:44 -0700 Subject: [PATCH 4/4] Update defender-ddf.md --- windows/client-management/mdm/defender-ddf.md | 180 ------------------ 1 file changed, 180 deletions(-) diff --git a/windows/client-management/mdm/defender-ddf.md b/windows/client-management/mdm/defender-ddf.md index b4c21b747a..7aa0520e15 100644 --- a/windows/client-management/mdm/defender-ddf.md +++ b/windows/client-management/mdm/defender-ddf.md @@ -10,7 +10,6 @@ ms.prod: w10 ms.technology: windows author: manikadhiman ms.localizationpriority: medium -ms.date: 08/11/2020 --- # Defender DDF file @@ -758,185 +757,6 @@ The XML below is the current version for this CSP. - DisableGradualRelease - - - - - - - - Enable this policy to disable gradual rollout of Defender updates. - - - - - - - - - - - text/plain - - - 99.9.99999 - 1.3 - - - - 1 - Gradual release is disabled - - - 0 - Gradual release is enabled - - - - - - DefinitionUpdatesChannel - - - - - - - - Enable this policy to specify when devices receive daily Microsoft Defender definition updates during the daily gradual rollout. - - - - - - - - - - - text/plain - - - 99.9.99999 - 1.3 - - - - 0 - Not configured (Default). The device will stay up to date automatically during the gradual release cycle. Suitable for most devices. - - - 4 - Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested to apply to a small, representative part of your production population (~10%). - - - 5 - Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). - - - - - - EngineUpdatesChannel - - - - - - - - Enable this policy to specify when devices receive Microsoft Defender engine updates during the monthly gradual rollout. - - - - - - - - - - - text/plain - - - 99.9.99999 - 1.3 - - - - 0 - Not configured (Default). The device will stay up to date automatically during the gradual release cycle. Suitable for most devices. - - - 2 - Beta Channel: Devices set to this channel will be the first to receive new updates. Select Beta Channel to participate in identifying and reporting issues to Microsoft. Devices in the Windows Insider Program are subscribed to this channel by default. For use in (manual) test environments only and a limited number of devices. - - - 3 - Current Channel (Preview): Devices set to this channel will be offered updates earliest during the monthly gradual release cycle. Suggested for pre-production/validation environments. - - - 4 - Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested to apply to a small, representative part of your production population (~10%). - - - 5 - Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). - - - - - - PlatformUpdatesChannel - - - - - - - - Enable this policy to specify when devices receive Microsoft Defender platform updates during the monthly gradual rollout. - - - - - - - - - - - text/plain - - - 99.9.99999 - 1.3 - - - - 0 - Not configured (Default). The device will stay up to date automatically during the gradual release cycle. Suitable for most devices. - - - 2 - Beta Channel: Devices set to this channel will be the first to receive new updates. Select Beta Channel to participate in identifying and reporting issues to Microsoft. Devices in the Windows Insider Program are subscribed to this channel by default. For use in (manual) test environments only and a limited number of devices. - - - 3 - Current Channel (Preview): Devices set to this channel will be offered updates earliest during the monthly gradual release cycle. Suggested for pre-production/validation environments. - - - 4 - Current Channel (Staged): Devices will be offered updates after the monthly gradual release cycle. Suggested to apply to a small, representative part of your production population (~10%). - - - 5 - Current Channel (Broad): Devices will be offered updates only after the gradual release cycle completes. Suggested to apply to a broad set of devices in your production population (~10-100%). - - - - Scan