diff --git a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md index d009237304..a023fdb141 100644 --- a/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md +++ b/devices/surface/deploy-the-latest-firmware-and-drivers-for-surface-devices.md @@ -9,7 +9,7 @@ ms.mktglfcycl: deploy ms.pagetype: surface, devices ms.sitesec: library author: brecords -ms.date: 12/07/2017 +ms.date: 09/13/2018 ms.author: jdecker ms.topic: article --- @@ -23,11 +23,7 @@ As easy as it is to keep Surface device drivers and firmware up to date automati On the Microsoft Download Center page for your device, you will find several files available. These files allow you to deploy drivers and firmware in various ways. You can read more about the different deployment methods for Surface drivers and firmware in [Manage Surface driver and firmware updates](manage-surface-pro-3-firmware-updates.md). -Driver and firmware updates for Surface devices are released in one of two ways: - -- **Point updates** are released for specific drivers or firmware revisions and provide the latest update for a specific component of the Surface device. - -- **Cumulative updates** provide comprehensive roundups of all of the latest files for the Surface device running that version of Windows. +Driver and firmware updates for Surface devices are **cumulative updates** which provide comprehensive roundups of all of the latest files for the Surface device running that version of Windows. Installation files for administrative tools, drivers for accessories, and updates for Windows are also available for some devices and are detailed here in this article. @@ -212,10 +208,10 @@ Download the following updates [for Surface Pro (Model 1514) from the Microsoft - Windows8.1-KB2969817-x64.msu – Fixes an issue that causes Surface devices to reboot twice after firmware updates are installed on all supported x64-based versions of Windows 8.1 -## Surface RT +## Surface devices with Windows RT -There are no downloadable firmware or driver updates available for Surface RT. Updates can only be applied using Windows Update. +There are no downloadable firmware or driver updates available for Surface devices with Windows RT, including Surface RT and Surface 2. Updates can only be applied using Windows Update. If you have additional questions on the driver pack and updates, please contact [Microsoft Surface support for business](https://www.microsoft.com/surface/support/business). diff --git a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md index 55efbb3633..2f0e8fbb61 100644 --- a/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md +++ b/windows/privacy/basic-level-windows-diagnostic-events-and-fields-1803.md @@ -35,8 +35,6 @@ You can learn more about Windows functional and diagnostic data through these ar - [Configure Windows diagnostic data in your organization](configure-windows-diagnostic-data-in-your-organization.md) - - ## Appraiser events ### Microsoft.Windows.Appraiser.General.ChecksumTotalPictureCount diff --git a/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md b/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md index 5c1f9d33d8..2f6a6ce43c 100644 --- a/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md +++ b/windows/security/threat-protection/intelligence/coordinated-malware-eradication.md @@ -32,4 +32,4 @@ Organizations participating in the CME effort work together to help eradicate se Any organization that is involved in cybersecurity and antimalware or interested in fighting cybercrime can participate in CME campaigns by enrolling in the [Virus Information Alliance (VIA) program](virus-information-alliance-criteria.md). It ensures that everyone agrees to use the information and tools available for campaigns for their intended purpose (that is, the eradication of malware). -Please apply using our [membership application form](https://www.microsoft.com/security/portal/partnerships/apply.aspx) to get started. \ No newline at end of file +If your organization meets these criteria and would like to apply for membership, contact us at [mvi@microsoft.com](mailto:mvi@microsoft.com). Please indicate whether you would like to join CME, [VIA](./virus-information-alliance-criteria.md), or [MVI](./virus-initiative-criteria.md). \ No newline at end of file diff --git a/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md b/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md index d08b16e029..10e99ef924 100644 --- a/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md +++ b/windows/security/threat-protection/intelligence/virus-information-alliance-criteria.md @@ -46,6 +46,4 @@ To be eligible for VIA your organization must: 3. Be willing to sign and adhere to the VIA membership agreement. -If your organization wants to apply and meets this criteria, you can apply using our [membership application form](https://www.microsoft.com/security/portal/partnerships/apply.aspx). - -If you have any questions, you can also contact us using our [partnerships contact form](https://www.microsoft.com/security/portal/partnerships/contactus.aspx). \ No newline at end of file +If your organization meets these criteria and would like to apply for membership, contact us at [mvi@microsoft.com](mailto:mvi@microsoft.com). Please indicate whether you would like to join VIA, [MVI](./virus-initiative-criteria.md), or [CME](./coordinated-malware-eradication.md). \ No newline at end of file diff --git a/windows/security/threat-protection/intelligence/virus-initiative-criteria.md b/windows/security/threat-protection/intelligence/virus-initiative-criteria.md index 6edc83eaba..26f3bbce30 100644 --- a/windows/security/threat-protection/intelligence/virus-initiative-criteria.md +++ b/windows/security/threat-protection/intelligence/virus-initiative-criteria.md @@ -54,4 +54,4 @@ Your organization must meet the following eligibility requirements to participat ### Apply to MVI -If your organization wants to apply and meets this criteria, you can apply using our [membership application form](https://www.microsoft.com/security/portal/partnerships/apply.aspx). \ No newline at end of file +If your organization meets these criteria and would like to apply for membership, contact us at [mvi@microsoft.com](mailto:mvi@microsoft.com). Please indicate whether you would like to join MVI, [VIA](./virus-information-alliance-criteria.md), or [CME](./coordinated-malware-eradication.md). \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md index 7b40ec9d0d..3eb5787182 100644 --- a/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/advanced-hunting-windows-defender-advanced-threat-protection.md @@ -72,7 +72,7 @@ The following tables are exposed as part of Advanced hunting: - **RegistryEvents** - Stores registry key creation, modification, rename and deletion events - **LogonEvents** - Stores login events - **ImageLoadEvents** - Stores load dll events -- **MiscEvents** - Stores several types of events, including Windows Defender blocks (Windows Defender Antivirus, Exploit Guard, Windows Defender SmartScreen, Windows Defender Application Guard, and Firewall), process injection events, access to LSASS processes, and others. +- **MiscEvents** - Stores several types of events, process injection events, access to LSASS processes, and others. These tables include data from the last 30 days. diff --git a/windows/security/threat-protection/windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md b/windows/security/threat-protection/windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md index c90bb67da7..cd9048386c 100644 --- a/windows/security/threat-protection/windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md +++ b/windows/security/threat-protection/windows-defender-atp/troubleshoot-siem-windows-defender-advanced-threat-protection.md @@ -35,7 +35,9 @@ If your client secret expires or if you've misplaced the copy provided when you 3. Select your tenant. -4. Click **App registrations** > **All apps**, then select your SIEM tool application. The application name is `https://windowsdefenderatpsiemconnector`. +4. Click **App registrations**. Then in the applications list, select the application: + - For SIEM: `https://WindowsDefenderATPSiemConnector` + - For Threat intelligence API: `https://WindowsDefenderATPCustomerTiConnector` 5. Select **Keys** section, then provide a key description and specify the key validity duration. diff --git a/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md b/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md index cb3e681ae8..0a7e07c36c 100644 --- a/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md +++ b/windows/security/threat-protection/windows-defender-exploit-guard/enable-virtualization-based-protection-of-code-integrity.md @@ -180,6 +180,7 @@ This field helps to enumerate and report state on the relevant security properti | **4.** | If present, Secure Memory Overwrite is available. | | **5.** | If present, NX protections are available. | | **6.** | If present, SMM mitigations are available. | +| **7.** | If present, Mode Based Execution Control is available. | #### InstanceIdentifier @@ -199,6 +200,7 @@ This field describes the required security properties to enable virtualization-b | **4.** | If present, Secure Memory Overwrite is needed. | | **5.** | If present, NX protections are needed. | | **6.** | If present, SMM mitigations are needed. | +| **7.** | If present, Mode Based Execution Control is needed. | #### SecurityServicesConfigured @@ -274,4 +276,4 @@ Set-VMSecurity -VMName -VirtualizationBasedSecurityOptOut $true - The Hyper-V virtual machine must be Generation 2, and running at least Windows Server 2016 or Windows 10. - HVCI and [nested virtualization](https://docs.microsoft.com/virtualization/hyper-v-on-windows/user-guide/nested-virtualization) cannot be enabled at the same time. - Virtual Fibre Channel adapters are not compatible with HVCI. Before attaching a virtual Fibre Channel Adapter to a virtual machine, you must first opt out of virtualization-based security using `Set-VMSecurity`. - - The AllowFullSCSICommandSet option for pass-through disks is not compatible with HVCI. Before configuring a pass-through disk with AllowFullSCSICommandSet, you must first opt out of virtualization-based security using `Set-VMSecurity`. \ No newline at end of file + - The AllowFullSCSICommandSet option for pass-through disks is not compatible with HVCI. Before configuring a pass-through disk with AllowFullSCSICommandSet, you must first opt out of virtualization-based security using `Set-VMSecurity`.