Catalina updates

2025-05-13 05:47:23 +00:00 · 2019-09-30 12:56:07 -07:00 · 2019-09-30 12:56:07 -07:00 · a7dd24871f
commit a7dd24871f
parent 7f48012227
4 changed files with 22 additions and 6 deletions
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md
@ -169,12 +169,12 @@ After installation, you'll see the Microsoft Defender icon in the macOS status b
   ![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
-## Catalina
+## How to Allow Full Disk Access
 > [!CAUTION]
-> macOS 10.15 (Catalina) does not allow us to scan certain user's directories (Documents, etc.) without a user's consent.
+> macOS 10.15 (Catalina) contains new security and privacy enhancements. Beginning with this version, by default, applications are not able to access certain locations on disk (such as Documents, Downloads, Desktop, etc.) without explicit consent. In the absence of this consent, Microsoft Defender ATP is not able to fully protect your device.
-To grant consent, open System Preferences, Security & Privacy, Privacy, Full Disk Access. Click the lock to make changes (bottom of the dialog box). Select Microsoft Defender.
+To grant consent, open System Preferences -> Security & Privacy -> Privacy -> Full Disk Access. Click the lock icon to make changes (bottom of the dialog box). Select Microsoft Defender ATP.
 ## Logging installation issues
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md
@ -119,6 +119,11 @@ You may now enroll more devices. You can also enroll them later, after you have
 7. Create another profile, give it a name, and upload the intune/WindowsDefenderATPOnboarding.xml file.
 8. Create tcc.xml file with content below. Create another profile, give it any name and upload this file to it.
   > [!CAUTION]
   > macOS 10.15 (Catalina) contains new security and privacy enhancements. Beginning with this version, by default, applications are not able to access certain locations on disk (such as Documents, Downloads, Desktop, etc.) without explicit consent. In the absence of this consent, Microsoft Defender ATP is not able to fully protect your device.
   >
   > The following configuration profile grants Full Disk Access to Microsoft Defender ATP. If you previously configured Microsoft Defender ATP through Intune, we recommend you update the deployment with this configuration profile.
   ```xml
   <?xml version="1.0" encoding="UTF-8"?>
   <!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
@ -183,9 +188,6 @@ You may now enroll more devices. You can also enroll them later, after you have
   </plist>
   ```
   > [!CAUTION]
   > This is a new configuration we add for Catalina. If you previously configured Defender in Intune without it, please modify it and add this option.
 9. Select **Manage > Assignments**.  In the **Include** tab, select **Assign to All Users & All devices**.
 Once the Intune changes are propagated to the enrolled devices, you can see them listed under **Monitor** > **Device status**:
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md
@ -92,6 +92,11 @@ To approve the kernel extension:
 ### Privacy Preferences Policy Control
 > [!CAUTION]
 > macOS 10.15 (Catalina) contains new security and privacy enhancements. Beginning with this version, by default, applications are not able to access certain locations on disk (such as Documents, Downloads, Desktop, etc.) without explicit consent. In the absence of this consent, Microsoft Defender ATP is not able to fully protect your device.
 >
 > If you previously configured Microsoft Defender ATP through JAMF, we recommend applying the following configuration.
 By default, starting with Catalina, Microsoft Defender cannot access files in a user's home directory. To resolve it, add a JAMF policy to allow Defender Full Disk Access.
 1. Select **Options > Privacy Preferences Policy Control**.
--- a/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md
+++ b/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md
@ -23,4 +23,13 @@ ms.topic: conceptual
 ## 100.65.28
 - Added support for macOS Catalina
 > [!CAUTION]
 > macOS 10.15 (Catalina) contains new security and privacy enhancements. Beginning with this version, by default, applications are not able to access certain locations on disk (such as Documents, Downloads, Desktop, etc.) without explicit consent. In the absence of this consent, Microsoft Defender ATP is not able to fully protect your device.
 >
 > The mechanism for granting this consent depends on how you deployed Microsoft Defender ATP:
 >
 > - For manual deployments, see the updated instructions in the [Manual deployment](microsoft-defender-atp-mac-install-manually.md#how-to-allow-full-disk-access) topic.
 > - For managed deployments, see the updated instructions in the [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md#privacy-preferences-policy-control) and [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md#create-system-configuration-profiles) topics.
 - Performance improvements