diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
index c5927c9a88..cdb95e6464 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
@@ -42,9 +42,16 @@ The follow table shows the exclusion types supported by Microsoft Defender ATP f
 Exclusion | Definition | Examples
 ---|---|---
 File extension | All files with the extension, anywhere on the machine | `.test`
-File | A specific file identified by the full path | `/var/log/test.log`
-Folder | All files under the specified folder | `/var/log/`
-Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`<br/>`cat`
+File | A specific file identified by the full path | `/var/log/test.log`<br/>`/var/log/*.log`<br/>`/var/log/install.?.log`
+Folder | All files under the specified folder | `/var/log/`<br/>`/var/*/`
+Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`<br/>`cat`<br/>`c?t`
+
+File, folder, and process exclusions support the following wildcards:
+
+Wildcard | Description | Example | Matches
+---|---|---|---
+\* |	Matches any number of any characters including none | `/var/\*/\*.log` | `/var/log/system.log`
+? | Matches any single character | `file?.log` | `file1.log`<br/>`file2.log`
 
 ## How to configure the list of exclusions
 
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
index 57fde3cc75..fbf351fb3e 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
@@ -26,6 +26,12 @@ ms.topic: conceptual
 > 
 > If you have previously whitelisted the kernel extension as part of your remote deployment, that warning should not be presented to the end user. If you have not previously deployed a policy to whitelist the kernel extension, your users will be presented with the warning. To proactively silence the warning, you can still deploy a configuration to whitelist the kernel extension. Refer to the instructions in the [JAMF-based deployment](mac-install-with-jamf.md#approved-kernel-extension) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics.
 
+## 101.00.31
+
+- Antivirus [exclusions now support wildcards](mac-exclusions.md#supported-exclusion-types)
+- Added the ability to trigger antivirus scans from the macOS contextual menu. You can now right-click a file or a folder in Finder and select **Scan with Microsoft Defender ATP**
+- Other performance improvements & bug fixes
+
 ## 100.90.27
 
 - You can now [set an update channel](mac-updates.md#set-the-channel-name) for Microsoft Defender ATP for Mac that is different from the system-wide update channel