deepblue/windows-itpro-docs
1
0
Fork 0
mirror of https://github.com/MicrosoftDocs/windows-itpro-docs.git synced 2025-05-13 05:47:23 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

ready to submit PR but likely to update again

Browse Source
This commit is contained in:
Greg Lindsay 2019-11-11 10:35:42 -08:00
commit abc60c9cc6
141 changed files with 8579 additions and 8246 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

91
.openpublishing.redirection.json
View File

@ -241,6 +241,21 @@
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/create-your-windows-defender-application-control-planning-document.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/document-your-windows-defender-application-control-management-processes.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/plan-windows-defender-application-control-management",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/windows-defender-device-guard-and-applocker.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/windows-defender-application-control",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/security-policy-settings/microsoft-network-client-digitally-sign-communications-if-server-agrees.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/security-policy-settings/smbv1-microsoft-network-client-digitally-sign-communications-if-server-agrees",
"redirect_document_id": true
@ -256,6 +271,11 @@
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create",
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/applocker/administer-applocker-using-mdm.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/applocker/administer-applocker-using-mdm",
"redirect_document_id": true
@ -15337,9 +15357,74 @@
"redirect_document_id": false
},
{
"source_path": "windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/windows-defender-application-control/select-types-of-rules-to-create",
"redirect_document_id": false
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew",
"redirect_document_id": true
},
{
"source_path": "windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-install-manually",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-updates",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-exclusions.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-preferences",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-pua.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-pua",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-support-perf.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-support-perf",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-support-kext.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-support-kext",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-privacy",
"redirect_document_id": true
},
{
"source_path": "windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md",
"redirect_url": "https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/mac-resources",
"redirect_document_id": true
}
]
}

2
ThirdPartyNotices
View File

@ -7,7 +7,7 @@ see the [LICENSE](LICENSE) file, and grant you a license to any code in the repo
Microsoft, Windows, Microsoft Azure and/or other Microsoft products and services referenced in the documentation
may be either trademarks or registered trademarks of Microsoft in the United States and/or other countries.
The licenses for this project do not grant you rights to use any Microsoft names, logos, or trademarks.
Microsoft's general trademark guidelines can be found at http://go.microsoft.com/fwlink/?LinkID=254653.
Microsoft's general trademark guidelines can be found at https://go.microsoft.com/fwlink/?LinkID=254653.
Privacy information can be found at https://privacy.microsoft.com/en-us/

4
browsers/edge/microsoft-edge-kiosk-mode-deploy.md
View File

@ -243,7 +243,7 @@ In the following table, we show you the features available in both Microsoft Edg
|-----------------------------------------------------------|:---------------------------------------------------------------------------------------------------------------------------------------------------------------:|:-------------------------------------------------------------------------------------------------------------------------------------------------------:|
| Print support | ![Supported](images/148767.png) | ![Not supported](images/148766.png) |
| Multi-tab support | ![Supported](images/148767.png) | ![Not supported](images/148766.png) |
| Allow/Block URL support | ![Supported](images/148767.png) <p>*\*For Microsoft Edge kiosk mode use* Windows Defender Firewall<em>. Microsoft kiosk browser has custom policy support.</em> | ![Supported](images/148767.png) |
| Allow/Block URL support | ![Not Supported](images/148766.png) ![Supported](images/148767.png) |
| Configure Home Button | ![Supported](images/148767.png) | ![Supported](images/148767.png) |
| Set Start page(s) URL | ![Supported](images/148767.png) | ![Supported](images/148767.png) <p>*Same as Home button URL* |
| Set New Tab page URL | ![Supported](images/148767.png) | ![Not supported](images/148766.png) |
@ -255,7 +255,7 @@ In the following table, we show you the features available in both Microsoft Edg
| SKU availability | Windows 10 October 2018 Update<br>Professional, Enterprise, and Education | Windows 10 April 2018 Update<br>Professional, Enterprise, and Education |
**\*Windows Defender Firewall**<p>
To prevent access to unwanted websites on your kiosk device, use Windows Defender Firewall to configure a list of allowed websites, blocked websites or both. For more details, see [Windows Defender Firewall with Advanced Security Deployment](https://docs.microsoft.com/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide).
To prevent access to unwanted websites on your kiosk device, use Windows Defender Firewall to configure a list of allowed websites, blocked websites or both, using IP addresses. For more details, see [Windows Defender Firewall with Advanced Security Deployment Guide](https://docs.microsoft.com/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security-deployment-guide).
---

4
devices/hololens/TOC.md
View File

@ -5,12 +5,15 @@
## [HoloLens 2 hardware](hololens2-hardware.md)
## [Get your HoloLens 2 ready to use](hololens2-setup.md)
## [Set up your HoloLens 2](hololens2-start.md)
## [HoloLens 2 fit and comfort FAQ](hololens2-fit-comfort-faq.md)
## [Supported languages for HoloLens 2](hololens2-language-support.md)
## [Getting around HoloLens 2](hololens2-basic-usage.md)
# Get started with HoloLens (1st gen)
## [HoloLens (1st gen) hardware](hololens1-hardware.md)
## [Get your HoloLens (1st gen) ready to use](hololens1-setup.md)
## [Set up your HoloLens (1st gen)](hololens1-start.md)
## [HoloLens (1st gen) fit and comfort FAQ](hololens1-fit-comfort-faq.md)
## [Install localized version of HoloLens (1st gen)](hololens1-install-localized.md)
## [Getting around HoloLens (1st gen)](hololens1-basic-usage.md)
@ -52,6 +55,7 @@
# Update and recovery
## [Join the Windows Insider program](hololens-insider.md)
## [Managing HoloLens updates](hololens-updates.md)
## [Restart, reset, or recover](hololens-recovery.md)
## [Known issues](hololens-known-issues.md)
## [Frequently asked questions](hololens-faq.md)

6
devices/hololens/holographic-3d-viewer-beta.md
View File

@ -6,10 +6,10 @@ ms.sitesec: library
author: Teresa-Motiv
ms.author: v-tea
ms.topic: article
audience: ITPro
ms.localizationpriority: medium
ms.localizationpriority: high
ms.date: 10/30/2019
ms.reviewer:
ms.reviewer: scooley
audience: ITPro
manager: jarrettr
appliesto:
- HoloLens (1st gen)

6
devices/hololens/holographic-store-apps.md
View File

@ -3,7 +3,7 @@ title: Find, install, and uninstall applications
description: The Microsoft Store is your source for apps and games that work with HoloLens. Learn more about finding, installing, and uninstalling holographic apps.
ms.assetid: cbe9aa3a-884f-4a92-bf54-8d4917bc3435
ms.reviewer: v-miegge
ms.date: 8/30/2019
ms.date: 08/30/2019
manager: jarrettr
keywords: hololens, store, uwp, app, install
ms.prod: hololens
@ -11,7 +11,7 @@ ms.sitesec: library
author: mattzmsft
ms.author: mazeller
ms.topic: article
ms.localizationpriority: medium
ms.localizationpriority: high
appliesto:
- HoloLens (1st gen)
- HoloLens 2
@ -33,7 +33,7 @@ Open the Microsoft Store from the **Start** menu. Then browse for apps and games
## Install apps
To download apps, you'll need to be signed in with a Microsoft account. To buy them, you'll need a payment method associated with the Microsoft account you use on your HoloLens. To set up a payment method, go to [account.microsoft.com](http://account.microsoft.com/) and select **Payment & billing** > **Payment options** > **Add a payment option**.
To download apps, you'll need to be signed in with a Microsoft account. To buy them, you'll need a payment method associated with the Microsoft account you use on your HoloLens. To set up a payment method, go to [account.microsoft.com](https://account.microsoft.com/) and select **Payment & billing** > **Payment options** > **Add a payment option**.
1. To open the [**Start** menu](holographic-home.md), perform a [bloom](hololens1-basic-usage.md) gesture or tap your wrist.
2. Select the Store app and then tap to place this tile into your world.

6
devices/hololens/hololens-connect-devices.md
View File

@ -7,8 +7,8 @@ ms.sitesec: library
author: Teresa-Motiv
ms.author: v-tea
ms.topic: article
ms.localizationpriority: medium
ms.date: 9/13/2019
ms.localizationpriority: high
ms.date: 09/13/2019
manager: jarrettr
appliesto:
- HoloLens (1st gen)
@ -34,7 +34,7 @@ Classes of Bluetooth devices supported by HoloLens (1st gen):
- HoloLens (1st gen) clicker
> [!NOTE]
> Other types of Bluetooth devices, such as speakers, headsets, smartphones, and game pads, may appear as available in HoloLens settings, but aren't supported on HoloLens (1st gen). [Learn more](http://go.microsoft.com/fwlink/p/?LinkId=746660).
> Other types of Bluetooth devices, such as speakers, headsets, smartphones, and game pads, may appear as available in HoloLens settings, but aren't supported on HoloLens (1st gen). [Learn more](https://go.microsoft.com/fwlink/p/?LinkId=746660).
### Pair a Bluetooth keyboard or mouse

4
devices/hololens/hololens-environment-considerations.md
View File

@ -9,9 +9,9 @@ ms.date: 8/29/2019
ms.prod: hololens
ms.topic: article
audience: ITPro
ms.localizationpriority: medium
ms.localizationpriority: high
appliesto:
- HoloLens 1
- HoloLens (1st gen)
- HoloLens 2
---

2
devices/hololens/hololens-offline.md
View File

@ -11,7 +11,7 @@ manager: v-miegge
ms.topic: article
ms.prod: hololens
ms.sitesec: library
ms.localizationpriority: medium
ms.localizationpriority: high
appliesto:
- HoloLens (1st gen)
- HoloLens 2

2
devices/hololens/hololens-recovery.md
View File

@ -9,7 +9,7 @@ author: mattzmsft
ms.author: mazeller
ms.date: 08/30/2019
ms.topic: article
ms.localizationpriority:
ms.localizationpriority: high
manager: jarrettr
appliesto:
- HoloLens (1st gen)

2
devices/hololens/hololens-spaces.md
View File

@ -9,7 +9,7 @@ keywords: hololens, Windows Mixed Reality, design, spatial mapping, HoloLens, su
ms.prod: hololens
ms.sitesec: library
ms.topic: article
ms.localizationpriority: medium
ms.localizationpriority: high
appliesto:
- HoloLens 1 (1st gen)
- HoloLens 2

2
devices/hololens/hololens-status.md
View File

@ -8,7 +8,7 @@ manager: jarrettr
audience: Admin
ms.topic: article
ms.prod: hololens
ms.localizationpriority: Medium
ms.localizationpriority: high
ms.sitesec: library
---

76
devices/hololens/hololens-updates.md
View File

@ -1,23 +1,76 @@
---
title: Manage updates to HoloLens (HoloLens)
title: Managing updates to HoloLens
description: Administrators can use mobile device management to manage updates to HoloLens devices.
ms.prod: hololens
ms.sitesec: library
author: dansimp
ms.author: dansimp
author: Teresa-Motiv
ms.author: v-tea
audience: ITPro
ms.topic: article
ms.localizationpriority: medium
ms.date: 04/30/2018
ms.reviewer:
manager: dansimp
ms.localizationpriority: high
ms.date: 11/7/2019
ms.reviewer: jarrettr
manager: jarrettr
appliesto:
- HoloLens (1st gen)
- HoloLens 2
---
# Manage updates to HoloLens
# Managing HoloLens updates
HoloLens uses Windows Update, just like other Windows 10 devices. When an update is available, it will be automatically downloaded and installed the next time your device is plugged in and connected to the Internet.
This article will walk through all of the way to manage updates on HoloLens.
## Manually check for updates
While HoloLens periodically checks for system updates so you don't have to, there may be circumstances in which you want to manually check.
To manually check for updates, go to **Settings** > **Update & Security** > **Check for updates**. If the Settings app says your device is up to date, you have all the updates that are currently available.
## Go back to a previous version (HoloLens 2)
In some cases, you might want to go back to a previous version of the HoloLens software. You can do this by using the Advanced Recovery Companion to reset your HoloLens to the earlier version.
> [!NOTE]
>HoloLens devices must be [upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md) to manage updates.
> Going back to an earlier version deletes your personal files and settings.
For a complete list of Update policies, see [Policies supported by Windows Holographic for Business](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider#a-href-idhololenspoliciesapolicies-supported-by-windows-holographic-for-business).
To go back to a previous version of HoloLens 2, follow these steps:
1. Make sure that you don't have any phones or Windows devices plugged in to your PC.
1. On your PC, download the [Advanced Recovery Companion](https://www.microsoft.com/p/advanced-recovery-companion/9p74z35sfrs8?activetab=pivot:overviewtab) from the Microsoft Store.
1. Download the [most recent HoloLens 2 release](https://aka.ms/hololens2download).
1. When you have finished these downloads, open **File explorer** > **Downloads**. Right-click the zipped folder that you just downloaded, and select **Extract all** > **Extract** to unzip it.
1. Connect your HoloLens to your PC using a USB-A to USB-C cable . (Even if you've been using other cables to connect your HoloLens, this one works best.)
1. The Advanced Recovery Companion automatically detects your HoloLens. Select the **Microsoft HoloLens** tile.
1. On the next screen, select **Manual package selection** and then select the installation file contained in the folder that you unzipped in step 4. (Look for a file with the .ffu extension.)
1. Select **Install software**, and follow the instructions.
## Go back to a previous version (HoloLens (1st gen))
In some cases, you might want to go back to a previous version of the HoloLens software. You can do this by using the Windows Device Recovery Tool to reset your HoloLens to the earlier version.
> [!NOTE]
> Going back to an earlier version deletes your personal files and settings.
To go back to a previous version of HoloLens (1st gen), follow these steps:
1. Make sure that you don't have any phones or Windows devices plugged in to your PC.
1. On your PC, download the [Windows Device Recovery Tool (WDRT)](https://support.microsoft.com/help/12379).
1. Download the [HoloLens Anniversary Update recovery package](https://aka.ms/hololensrecovery).
1. When the downloads finish, open **File explorer** > **Downloads**. Right-click the zipped folder you just downloaded, and select **Extract all** > **Extract** to unzip it.
1. Connect your HoloLens to your PC using the micro-USB cable that it came with. (Even if you've been using other cables to connect your HoloLens, this one works best.)
1. The WDRT will automatically detect your HoloLens. Select the **Microsoft HoloLens** tile.
1. On the next screen, select **Manual package selection** and choose the installation file contained in the folder you unzipped in step 4. (Look for a file with the .ffu extension.)
1. Select **Install software**, and follow the instructions.
> [!NOTE]
> If the WDRT doesn't detect your HoloLens, try restarting your PC. If that doesn't work, select **My device was not detected**, select **Microsoft HoloLens**, and then follow the instructions.
# Use policies to manage updates to HoloLens
>[!NOTE]
>HoloLens (1st gen) devices must be [upgraded to Windows Holographic for Business](hololens1-upgrade-enterprise.md) to manage updates.
To configure how and when updates are applied, use the following policies:
@ -37,7 +90,8 @@ For devices on Windows 10, version 1607 only: You can use the following update p
- [Update/RequireUpdateApproval](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-requireupdateapproval)
- [Update/UpdateServiceUrl](https://docs.microsoft.com/windows/client-management/mdm/policy-csp-update#update-updateserviceurl)
## Related topics
For more information about using policies to manage HoloLens, see the following articles:
- [Policies supported by HoloLens 2](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider#policies-supported-by-hololens-2)
- [Policies supported by Windows Holographic for Business](https://docs.microsoft.com/windows/client-management/mdm/policy-configuration-service-provider#a-href-idhololenspoliciesapolicies-supported-by-windows-holographic-for-business)
- [Manage software updates in Microsoft Intune](https://docs.microsoft.com/intune/windows-update-for-business-configure)

2
devices/hololens/hololens1-clicker.md
View File

@ -10,7 +10,7 @@ ms.sitesec: library
author: v-miegge
ms.author: v-miegge
ms.topic: article
ms.localizationpriority: medium
ms.localizationpriority: high
appliesto:
- HoloLens (1st gen)
---

64
devices/hololens/hololens1-fit-comfort-faq.md Normal file
View File

@ -0,0 +1,64 @@
---
title: HoloLens (1st gen) fit and comfort frequently asked questions
description: Answers to frequently asked questions about how to fit your HoloLens (1st gen).
ms.prod: hololens
ms.sitesec: library
author: Teresa-Motiv
ms.author: v-tea
ms.topic: article
ms.localizationpriority: high
ms.date: 10/09/2019
ms.reviewer: jarrettr
audience: ITPro
manager: jarrettr
appliesto:
- HoloLens (1st gen)
---
# HoloLens (1st gen) fit and comfort frequently asked questions
Here are some tips on how to stay comfortable and have the best experience using your HoloLens.
For step-by-step instructions and a video about putting on and adjusting your device, see [Get your HoloLens (1st gen) ready to use](hololens1-setup.md).
> [!NOTE]
> The fit and comfort tips in this topic are meant only as general guidance&mdash;they don't replace any laws or regulations, or your good judgment when using HoloLens. Stay safe, and have fun!
Here are some tips on how to stay comfortable and have the best experience using your HoloLens.
## I'm experiencing discomfort when I use my device. What should I do?
If you experience discomfort, take a break until you feel better. Try sitting in a well-lit room and relaxing for a bit. The next time your use your HoloLens, try using it for a shorter period of time at first.
For more information, see [Health and safety on HoloLens](https://go.microsoft.com/fwlink/p/?LinkId=746661).
## I can't see the whole holographic frame, or my holograms are cut off
To see the top edge of the holographic frame, move the device so it sits higher on your head, or angle the headband up slightly in front. To see the bottom edge, move the device to sit lower on your head, or angle the headband down slightly in front. If the left or right edge of the view frame isn't visible, make sure the HoloLens visor is centered on your forehead.
## I need to look up or down to see holograms
Try adjusting the position of your device visor so the holographic frame matches your natural gaze. Here's how:
- **If you need to look up to see holograms**. First, shift the back of the headband a bit higher on your head. Then use one hand to hold the headband in place and the other to gently rotate the visor so you have a good view of the holographic frame.
- **If you need to look down to see holograms**. First, shift the back of the headband a bit lower on your head. Then place your thumbs under the device arms and your index fingers on top of the headband, and gently squeeze with your thumbs to rotate the visor so you have a good view of the holographic frame.
## The device slides down when I'm using it, or I need to make the headband too tight to keep it secure
The overhead strap can help keep your HoloLens secure on your head, particularly if you're moving around a lot. The strap may also let you loosen the headband a bit. [Learn how to use it](hololens1-setup.md#adjust-fit).
You can also experiment with the positioning of the headband&mdash;depending on your head size and shape, you may need to slide it up or down to reposition it on your forehead.
## My HoloLens feels heavy on my nose
If your HoloLens is adjusted correctly, the nose pad should rest lightly on your nose. If it feels heavy on your nose, try rotating the visor up or adjusting the angle of the headband. You can also slide the device visor out&mdash;grasp the device arms just behind the visor and pull forward gently.
## How can I adjust HoloLens to fit with my glasses?
The device visor can slide in and out to accommodate eyewear. Grasp the device arms just behind the visor and pull forward gently to adjust it.
## My arm gets tired when I use gestures. What can I do?
When using gestures, there's no need to extend your arm out far from your body. Keep it closer to your side, where it's more comfortable and will get less tired. [Learn more about gestures](hololens1-basic-usage.md#use-hololens-with-your-hands).
And be sure to try out [voice commands](hololens-cortana.md) and the [HoloLens clicker](hololens1-clicker.md).

10
devices/hololens/hololens1-hardware.md
View File

@ -15,7 +15,7 @@ appliesto:
- HoloLens (1st gen)
---
# HoloLens (1st Gen) hardware
# HoloLens (1st gen) hardware
![Microsoft HoloLens (1st gen)](images/see-through-400px.jpg)
@ -48,6 +48,14 @@ The HoloLens box contains the following items:
>[!TIP]
>The [clicker](hololens1-clicker.md) ships with HoloLens (1st Gen), in a separate box.
### Power Supply details
The power supply and the USB cable that come with the device are the best supported mechanism for charging. The power supply is an 18W charger. It supplies 9V at 2A.
Charging rate and speed may vary depending on the environment in which the device is running.
In order to maintain/advance Internal Battery Charge Percentage while the device is on, it must be connected minimum to a 15W charger.
## Device specifications
### Display

6
devices/hololens/hololens1-setup.md
View File

@ -7,7 +7,7 @@ author: JesseMcCulloch
ms.author: jemccull
ms.topic: article
ms.localizationpriority: high
ms.date: 8/12/19
ms.date: 8/12/2019
ms.reviewer:
manager: jarrettr
appliesto:
@ -29,6 +29,10 @@ When your HoloLens is on, the battery indicator shows the battery level in incre
> [!TIP]
> To get an estimate of your current battery level, say "Hey Cortana, how much battery do I have left?"
The power supply and USB cable that come with the device are the best way to charge your HoloLens (1st gen). The power supply provides 18W of power (9V 2A).
Charging rate and speed may vary depending on the environment in which the device is running.
## Adjust fit
> [!VIDEO https://www.microsoft.com/videoplayer/embed/be3cb527-f2f1-4f85-b4f7-a34fbaba980d]

60
devices/hololens/hololens2-fit-comfort-faq.md Normal file
View File

@ -0,0 +1,60 @@
---
title: HoloLens 2 fit and comfort FAQ
description: Answers to frequently asked questions about how to fit your HoloLens 2.
ms.prod: hololens
ms.sitesec: library
author: Teresa-Motiv
ms.author: v-tea
ms.topic: article
audience: ItPro
ms.localizationpriority: high
ms.date: 11/07/2019
ms.reviewer: jarrettr
manager: jarrettr
appliesto:
- HoloLens 2
---
# HoloLens 2 fit and comfort frequently asked questions
Here are some tips on how to stay comfortable and have the best experience using your HoloLens.
For step-by-step instructions and a video about putting on and adjusting your device, see [Get your HoloLens 2 ready to use](hololens2-setup.md).
> [!NOTE]
> The fit and comfort tips in this topic are meant only as general guidance&mdash;they don't replace any laws or regulations, or your good judgment when using HoloLens. Stay safe, and have fun!
Here are some tips on how to stay comfortable and have the best experience using your HoloLens.
## I'm experiencing discomfort when I use my device. What should I do?
If you experience discomfort, take a break until you feel better. Try sitting in a well-lit room and relaxing for a bit. The next time your use your HoloLens, try using it for a shorter period of time at first.
For more information, see [Health and safety on HoloLens](https://go.microsoft.com/fwlink/p/?LinkId=746661).
## I can't see the whole holographic frame, or my holograms are cut off
To see the top edge of the holographic frame, move the device so it sits higher on your head, or angle the headband up slightly in front. To see the bottom edge, move the device to sit lower on your head, or angle the headband down slightly in front. If the left or right edge of the view frame isn't visible, make sure the HoloLens visor is centered on your forehead.
## I need to look up or down to see holograms
Try adjusting the position of your device visor so the holographic frame matches your natural gaze. Here's how:
- **If you need to look up to see holograms**. First, shift the back of the headband a bit higher on your head. Then use one hand to hold the headband in place and the other to gently rotate the visor so you have a good view of the holographic frame.
- **If you need to look down to see holograms**. First, shift the back of the headband a bit lower on your head. Then place your thumbs under the device arms and your index fingers on top of the headband, and gently squeeze with your thumbs to rotate the visor so you have a good view of the holographic frame.
## The device slides down when I'm using it, or I need to make the headband too tight to keep it secure
The overhead strap can help keep your HoloLens secure on your head, particularly if you're moving around a lot. The strap may also let you loosen the headband a bit. [Learn how to use it](hololens2-setup.md#adjust-fit).
You can also experiment with the positioning of the headband&mdash;depending on your head size and shape, you may need to slide it up or down to reposition it on your forehead.
## How can I adjust HoloLens to fit with my glasses?
To accommodate eyewear, you can tilt the visor.
## My arm gets tired when I use gestures. What can I do?
When using gestures, there's no need to extend your arm out far from your body. Keep it closer to your side, where it's more comfortable and will get less tired. You can also use hand rays to interact with holograms without raising your arms [Learn more about gestures and hand rays](hololens2-basic-usage.md#the-hand-tracking-frame).
And be sure to try out [voice commands](hololens-cortana.md).

9
devices/hololens/hololens2-hardware.md
View File

@ -35,6 +35,14 @@ Microsoft HoloLens 2 is an untethered holographic computer. It refines the holo
- **Power supply**. Plugs into a power outlet.
- **Microfiber cloth**. Use to clean your HoloLens visor.
### Power Supply details
The power supply and the USB cable that come with the device are the best supported mechanism for charging. The power supply is an 18W charger. It's supplies 9V at 2A.
Charging rate and speed may vary depending on the environment in which the device is running.
In order to maintain/advance Internal Battery Charge Percentage while the device is on, it must be connected minimum to a 15W charger.
## Device specifications
### Display
@ -83,6 +91,7 @@ Microsoft HoloLens 2 is an untethered holographic computer. It refines the holo
| Battery technology | [Lithium batteries](https://www.microsoft.com/download/details.aspx?id=43388) |
| Charging behavior | Fully functional when charging |
| Cooling type | Passively cooled (no fans) |
| Power draw | In order to maintain/advance Internal Battery Charge Percentage while the device is on, it must be connected minimum to a 15W charger. |
### Fit

45
devices/hololens/hololens2-language-support.md Normal file
View File

@ -0,0 +1,45 @@
---
title: Supported languages for HoloLens 2
description:
ms.prod: hololens
ms.sitesec: library
author: Teresa-Motiv
ms.author: v-tea
ms.topic: article
ms.localizationpriority: medium
ms.date: 9/12/2019
audience: ITPro
ms.reviewer: jarrettr
manager: jarrettr
appliesto:
- HoloLens 2
---
# Supported languages for HoloLens 2
HoloLens 2 supports the following languages. This support includes voice commands and dictation features.
- Chinese Simplified (China)
- English (Australia)
- English (Canada)
- English (Great Britain)
- English (United States)
- French (Canada)
- French (France)
- German (Germany)
- Italian (Italy)
- Japanese (Japan)
- Spanish (Mexico)
- Spanish (Spain)
Windows Mixed Reality is also available in the following languages. However, this support does not include speech commands or dictation features.
- Chinese Traditional (Taiwan and Hong Kong)
- Dutch (Netherlands)
- Korean (Korea)
- Changing language or keyboard
> [!NOTE]
> Your speech and dictation language depends on the Windows display language.
>
To change the Windows display language, region, or keyboard settings, use the start gesture to open the **Start** menu, and then select **Settings** > **Time and Language** > **Language**.

5
devices/hololens/hololens2-setup.md
View File

@ -21,7 +21,9 @@ The procedures below will help you set up a HoloLens 2 for the first time.
## Charge your HoloLens
Connect the power supply to the charging port by using the USB-C cable (included). Plug the power supply into a power outlet.
Connect the power supply to the charging port by using the USB-C cable (included). Plug the power supply into a power outlet. The power supply and USB-C-to-C cable that come with the device are the best way to charge your HoloLens 2. The charger supplies 18W of power (9V at 2A).
Charging rate and speed may vary depending on the environment in which the device is running.
- When the device is charging, the battery indicator lights up to indicate the current level of charge. The last light will fade in and out to indicate active charging.
- When your HoloLens is on, the battery indicator displays the battery level in increments.
@ -102,6 +104,7 @@ Not sure what the indicator lights on your HoloLens mean? Want to know how HoloL
| - | - | - |
| You press the Power button. | One light flashes five times, then turns off. | The HoloLens battery is critically low. Charge your HoloLens. |
| You press the Power button. | All five lights flash five times, then turn off. | HoloLens cannot start correctly and is in an error state. [Reinstall the operating system](hololens-recovery.md) to recover your device. |
| You press the Power button. | The 1st, 3rd, and 5th lights flash together continually. | HoloLens may have a hardware failure. To be sure, [reinstall the OS](hololens-recovery.md#hololens-2), and try again. After reinstalling the OS, if the light-flash pattern persists, contact [support](https://support.microsoft.com/en-us/supportforbusiness/productselection?sapid=3ec35c62-022f-466b-3a1e-dbbb7b9a55fb). |
## Safety and comfort

2
devices/surface-hub/TOC.md
View File

@ -22,6 +22,8 @@
## Deploy
### [Surface Hub 2S adoption and training](surface-hub-2s-adoption-kit.md)
### [Surface Hub 2S adoption videos](surface-hub-2s-adoption-videos.md)
### [First time setup for Surface Hub 2S](surface-hub-2s-setup.md)
### [Connect devices to Surface Hub 2S](surface-hub-2s-connect.md)
### [Surface Hub 2S deployment checklist](surface-hub-2s-deploy-checklist.md)

12
devices/surface-hub/surface-hub-2s-adoption-kit.md
View File

@ -9,7 +9,7 @@ ms.author: greglin
manager: laurawi
audience: Admin
ms.topic: article
ms.date: 08/22/2019
ms.date: 11/04/2019
ms.localizationpriority: Medium
---
@ -17,6 +17,10 @@ ms.localizationpriority: Medium
Whether you are a small or large business, a Surface Hub adoption plan is critical in generating the right use cases and helping your users become comfortable with the device. Check out these downloadable guides designed to help you deliver training across your organization.
## On-demand training
- [Surface Hub 2S adoption and training videos](surface-hub-2s-adoption-videos.md)
## Adoption toolkit
- [Surface Hub adoption toolkit](downloads/SurfaceHubAdoptionToolKit.pdf)
@ -28,7 +32,7 @@ Whether you are a small or large business, a Surface Hub adoption plan is critic
- [Training guide help desk](downloads/TrainingGuide-SurfaceHub2S-HelpDesk.pdf)
- [Training guide Microsoft Teams desktop](downloads/Guide-SurfaceHub2S-Teams.pptx)
[Download all training guides](http://download.microsoft.com/download/2/2/3/2234F70E-E65A-4790-93DF-F4C373A75B8E/SurfaceHub2S-TrainerGuides-July2019.zip)
[Download all training guides](https://download.microsoft.com/download/2/2/3/2234F70E-E65A-4790-93DF-F4C373A75B8E/SurfaceHub2S-TrainerGuides-July2019.zip)
## End user guides
@ -37,7 +41,7 @@ Whether you are a small or large business, a Surface Hub adoption plan is critic
- [Guide to Microsoft Whiteboard on Surface Hub](downloads/Guide-SurfaceHub2S-Whiteboard.pptx)
- [Guide to Microsoft Teams on Surface Hub](downloads/Guide-SurfaceHub2S-Teams.pptx)
[Download all end user guides](http://download.microsoft.com/download/E/7/F/E7FC6611-BB55-43E1-AF36-7BD5CE6E0FE0/SurfaceHub2S-EndUserGuides-July2019.zip)
[Download all end user guides](https://download.microsoft.com/download/E/7/F/E7FC6611-BB55-43E1-AF36-7BD5CE6E0FE0/SurfaceHub2S-EndUserGuides-July2019.zip)
## Quick reference cards
@ -52,4 +56,4 @@ Whether you are a small or large business, a Surface Hub adoption plan is critic
- [Whiteboard advanced](downloads/QRCWhiteboardAdvanced.pdf)
- [Whiteboard tools](downloads/QRCWhiteboardTools.pdf)
[Download all quick reference cards](http://download.microsoft.com/download/E/7/F/E7FC6611-BB55-43E1-AF36-7BD5CE6E0FE0/SurfaceHub2S-EndUserGuides-July2019.zip)
[Download all quick reference cards](https://download.microsoft.com/download/E/7/F/E7FC6611-BB55-43E1-AF36-7BD5CE6E0FE0/SurfaceHub2S-EndUserGuides-July2019.zip)

137
devices/surface-hub/surface-hub-2s-adoption-videos.md Normal file
View File

@ -0,0 +1,137 @@
---
title: "Surface Hub 2S on-demand adoption and training videos"
description: "This page contains comprehensive training for Surface Hub 2S via on-demand streaming"
keywords: separate values with commas
ms.prod: surface-hub
ms.sitesec: library
author: greg-lindsay
ms.author: greglin
manager: laurawi
audience: Admin
ms.topic: article
ms.date: 11/04/2019
ms.localizationpriority: Medium
---
# Surface Hub 2S on-demand adoption and training videos
This page contains comprehensive training for Surface Hub 2S, available on demand.
## Chapter 1 - Training overview
> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46Jud>]<br>
- Welcome and introduction
- Training overview and agenda
- Software and technology reference
- Surface Hub messaging
- Industries and user roles
- Overview of training services
- Training best practices
## Chapter 2 - Getting started with Surface Hub
> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46Ejt>]<br>
- What is Surface Hub?
- Technical overview
- Steelcase Roam and the mobility story
- Surface Hub services
- Getting started with Surface Hub
- Gathering expectations
## Chapter 3 - Navigating Surface Hub
> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46OFW>]<br>
- Welcome screen
- Start menu
- Full screen
- Clip to Whiteboard
- Task bar menu
- Teams/Skype
- End Session
## Chapter 4 - Whiteboarding and collaboration
> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46M4v>]<br>
- Whiteboard introduction
- Starting the Whiteboard
- Whiteboard tools
- Inserting pictures
- Changing the background
- Sharing the whiteboard
- Export the Whiteboard
## Chapter 5 - Exploring Surface Hub apps
> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46Ejz>]<br>
- Surface Hub apps introduction
- PowerPoint overview
- Microsoft Word
- Microsoft Excel
- Microsoft Edge
## Chapter 6 - Advanced apps and Office 365
> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46EjA>]<br>
- Advanced apps introduction
- Microsoft Maps
- Photos
- Power BI
- Sign in to Office 365
- OneDrive
- CoAuthor documents
## Chapter 7 - Connecting devices
> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46M4w>]<br>
- Connect introduction
- Miracast overview
- Touch and Pen Input
- Wired connect overview
- Line of Business app workflows
- Troubleshooting Miracast and wired connect
## Chapter 8 - Skype for Business meetings
> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46M4x>]<br>
- Introduction to Skype for Business
-Scheduling Skype for Business meetings
- Start a meeting
- Start an ad hoc meeting
- Join a meeting on your calendar
- Managing a Skype for Business meeting
- Present content
## Chapter 9 - Microsoft Teams meetings
> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46OFZ>]<br>
- Introduction to Microsoft Teams
- Scheduling Microsoft Teams meetings
- Start a meeting
- Start an ad hoc meeting
- Join a meeting on your calendar
- Managing a Microsoft Teams meeting
- Present content
- Conclusion
## Chapter 10 - Basic troubleshooting
> ![VIDEO <https://www.microsoft.com/videoplayer/embed/RE46z65>]<br>
- Introduction to Surface Hub troubleshooting
- Application troubleshooting
- End Session
- Restart the device
- Power cycle the device
- Factory reset
- Settings
- Manage Surface Hub
- Conclusion

4
devices/surface-hub/surface-hub-site-readiness-guide.md
View File

@ -99,8 +99,8 @@ There are three ways to mount your Surface Hub:
For specifications on available mounts for the original Surface Hub, see the following:
- [Surface Hub Mounts and Stands Datasheet](http://download.microsoft.com/download/5/0/1/501F98D9-1BCC-4448-A1DB-47056CEE33B6/20160711_Surface_Hub_Mounts_and_Stands_Datasheet.pdf)
- [Surface Hub Stand and Wall Mount Specifications](http://download.microsoft.com/download/7/A/7/7A75BD0F-5A46-4BCE-B313-A80E47AEB581/20160720_Combined_Stand_Wall_Mount_Drawings.pdf)
- [Surface Hub Mounts and Stands Datasheet](https://download.microsoft.com/download/5/0/1/501F98D9-1BCC-4448-A1DB-47056CEE33B6/20160711_Surface_Hub_Mounts_and_Stands_Datasheet.pdf)
- [Surface Hub Stand and Wall Mount Specifications](https://download.microsoft.com/download/7/A/7/7A75BD0F-5A46-4BCE-B313-A80E47AEB581/20160720_Combined_Stand_Wall_Mount_Drawings.pdf)
## The Connect experience

14
devices/surface/surface-dock-firmware-update.md
View File

@ -47,8 +47,14 @@ You can use Windows Installer commands (Msiexec.exe) to deploy Surface Dock Firm
- **Msiexec.exe /i <name of msi> /quiet /norestart**
> [!NOTE]
> A log file is not created by default. In order to create a log file, you will need to append "/l*v [path]"
For more information, refer to [Command line options](https://docs.microsoft.com/windows/win32/msi/command-line-options) documentation.
> [!IMPORTANT]
> If you want to keep your Surface Dock updated using any other method, refer to [Update your Surface Dock](https://support.microsoft.com/help/4023478/surface-update-your-surface-dock) for details.
## Intune deployment
You can use Intune to distribute Surface Dock Firmware Update to your devices. First you will need to convert the MSI file to the .intunewin format, as described in the following documentation: [Intune Standalone - Win32 app management](https://docs.microsoft.com/intune/apps/apps-win32-app-management).
@ -84,8 +90,8 @@ Successful completion of Surface Dock Firmware Update results in new registry ke
| Log | Location | Notes |
| -------------------------------- | -------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Surface Dock Firmware Update log | /l*v %windir%\logs\Applications\SurfaceDockFWI.log | Earlier versions of this tool wrote events to Applications and Services Logs\Microsoft Surface Dock Updater. |
| Windows Device Install log | %windir%\inf\ setupapi.dev.log | For more information about using Device Install Log, refer [to SetupAPI Logging](https://docs.microsoft.com/windows-hardware/drivers/install/setupapi-logging--windows-vista-and-later-) documentation. |
| Surface Dock Firmware Update log | Path needs to be specified (see note) | Earlier versions of this tool wrote events to Applications and Services Logs\Microsoft Surface Dock Updater. |
| Windows Device Install log | %windir%\inf\setupapi.dev.log | For more information about using Device Install Log, refer to [SetupAPI Logging](https://docs.microsoft.com/windows-hardware/drivers/install/setupapi-logging--windows-vista-and-later-). |
**Table 2. Event log IDs for Surface Dock Firmware Update**
@ -97,6 +103,10 @@ Successful completion of Surface Dock Firmware Update results in new registry ke
| 2003 | Dock firmware update failed to get firmware version. |
| 2004 | Querying the firmware version. |
| 2005 | Dock firmware failed to start update. |
| 2006 | Failed to send offer/payload pairs. |
| 2007 | Firmware update finished. |
| 2008 | BEGIN dock telemetry. |
| 2011 | END dock telemetry. |
## Troubleshooting tips

2
education/developers.yml
View File

@ -8,7 +8,7 @@ metadata:
description: Are you an app developer looking for information about developing solutions on Microsoft Education products? Start here.
ms.service: help
ms.topic: hub-page
author: v-savila
author: LaurenMoynihan
ms.author: v-lamoyn
ms.date: 10/24/2019

2
education/index.yml
View File

@ -8,7 +8,7 @@ metadata:
description: Learn about product documentation and resources available for school IT administrators, teachers, students, and education app developers.
ms.service: help
ms.topic: hub-page
author: v-savila
author: LaurenMoynihan
ms.author: v-lamoyn
ms.date: 10/24/2019

42
education/itadmins.yml
View File

@ -8,26 +8,26 @@ metadata:
description: M365 Education consists of Office 365 Education, Windows 10 Education, and security and management tools such as Intune for Education and School Data Sync.
ms.service: help
ms.topic: hub-page
author: v-savila
author: LaurenMoynihan
ms.author: v-lamoyn
ms.date: 10/24/2019
productDirectory:
summary: This guide is designed for IT admins looking for the simplest way to move their platform to the cloud. It does not capture all the necessary steps for large scale or complex deployments. Check out at https://edujourney.microsoft.com/. Find help now at https://docs.microsoft.com/en-us/microsoft-365/education/deploy/find-deployment-help.
summary: This guide is designed for IT admins looking for the simplest way to move their platform to the cloud. It does not capture all the necessary steps for large scale or complex deployments. Check out at https://edujourney.microsoft.com/. Find help now at https://docs.microsoft.com/microsoft-365/education/deploy/find-deployment-help.
items:
# Card
- title: Phase 1 - Cloud deployment
imageSrc: ./images/EDU-Deploy.svg
links:
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/create-your-office-365-tenant
- url: https://docs.microsoft.com/microsoft-365/education/deploy/create-your-office-365-tenant
text: 1. Create your Office 365 tenant
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/secure-and-configure-your-network
- url: https://docs.microsoft.com/microsoft-365/education/deploy/secure-and-configure-your-network
text: 2. Secure and configure your network
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/aad-connect-and-adfs
- url: https://docs.microsoft.com/microsoft-365/education/deploy/aad-connect-and-adfs
text: 3. Sync your active directory
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/school-data-sync
- url: https://docs.microsoft.com/microsoft-365/education/deploy/school-data-sync
text: 4. Sync you SIS using School Data Sync
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/license-users
- url: https://docs.microsoft.com/microsoft-365/education/deploy/license-users
text: 5. License users
# Card
- title: Phase 2 - Device management
@ -35,11 +35,11 @@ productDirectory:
links:
- url: https://docs.microsoft.com/en-us/education/windows/
text: 1. Get started with Windows 10 for Education
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/set-up-windows-10-education-devices
- url: https://docs.microsoft.com/microsoft-365/education/deploy/set-up-windows-10-education-devices
text: 2. Set up Windows 10 devices
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/intune-for-education
- url: https://docs.microsoft.com/microsoft-365/education/deploy/intune-for-education
text: 3. Get started with Intune for Education
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/use-intune-for-education
- url: https://docs.microsoft.com/microsoft-365/education/deploy/use-intune-for-education
text: 4. Use Intune to manage groups, apps, and settings
- url: https://docs.microsoft.com/en-us/intune/enrollment/enrollment-autopilot
text: 5. Enroll devices using Windows Autopilot
@ -47,28 +47,28 @@ productDirectory:
- title: Phase 3 - Apps management
imageSrc: ./images/EDU-Apps-Mgmt.svg
links:
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/configure-admin-settings
- url: https://docs.microsoft.com/microsoft-365/education/deploy/configure-admin-settings
text: 1. Configure admin settings
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/set-up-teams-for-education
- url: https://docs.microsoft.com/microsoft-365/education/deploy/set-up-teams-for-education
text: 2. Set up Teams for Education
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/deploy-office-365
- url: https://docs.microsoft.com/microsoft-365/education/deploy/deploy-office-365
text: 3. Set up Office 365
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/microsoft-store-for-education
- url: https://docs.microsoft.com/microsoft-365/education/deploy/microsoft-store-for-education
text: 4. Install apps from Microsoft Store for Education
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/minecraft-for-education
- url: https://docs.microsoft.com/microsoft-365/education/deploy/minecraft-for-education
text: 5. Install Minecraft - Education Edition
# Card
- title: Complete your deployment
# imageSrc should be square in ratio with no whitespace
imageSrc: ./images/EDU-Tasks.svg
links:
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/deploy-exchange-online
- url: https://docs.microsoft.com/microsoft-365/education/deploy/deploy-exchange-online
text: Deploy Exchange Online
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/deploy-sharepoint-online-and-onedrive
- url: https://docs.microsoft.com/microsoft-365/education/deploy/deploy-sharepoint-online-and-onedrive
text: Deploy SharePoint Online and OneDrive
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/deploy-exchange-server-hybrid
- url: https://docs.microsoft.com/microsoft-365/education/deploy/deploy-exchange-server-hybrid
text: Deploy Exchange Server hybrid
- url: https://docs.microsoft.com/en-us/microsoft-365/education/deploy/deploy-sharepoint-server-hybrid
- url: https://docs.microsoft.com/microsoft-365/education/deploy/deploy-sharepoint-server-hybrid
text: Deploy SharePoint Server Hybrid
# Card
- title: Security & Compliance
@ -80,9 +80,9 @@ productDirectory:
text: Azure information protection deployment acceleration guide
- url: https://docs.microsoft.com/en-us/cloud-app-security/getting-started-with-cloud-app-security
text: Microsoft Cloud app security
- url: https://docs.microsoft.com/en-us/microsoft-365/compliance/create-test-tune-dlp-policy
- url: https://docs.microsoft.com/microsoft-365/compliance/create-test-tune-dlp-policy
text: Office 365 data loss prevention
- url: https://docs.microsoft.com/en-us/microsoft-365/compliance/
- url: https://docs.microsoft.com/microsoft-365/compliance/
text: Office 365 advanced compliance
- url: https://social.technet.microsoft.com/wiki/contents/articles/35748.office-365-what-is-customer-lockbox-and-how-to-enable-it.aspx
text: Deploying Lockbox

2
education/partners.yml
View File

@ -8,7 +8,7 @@ metadata:
description: Looking for resources available to Microsoft Education partners? Start here.
ms.service: help
ms.topic: hub-page
author: v-savila
author: LaurenMoynihan
ms.author: v-lamoyn
ms.date: 10/24/2019

2
mdop/appv-v5/creating-and-managing-app-v-50-virtualized-applications.md
View File

@ -20,7 +20,7 @@ ms.date: 06/16/2016
After you have properly deployed the Microsoft Application Virtualization (App-V) 5.0 sequencer, you can use it to monitor and record the installation and setup process for an application to be run as a virtualized application.
**Note**  
For more information about configuring the Microsoft Application Virtualization (App-V) 5.0 sequencer, sequencing best practices, and an example of creating and updating a virtual application, see the [Microsoft Application Virtualization 5.0 Sequencing Guide](https://download.microsoft.com/download/F/7/8/F784A197-73BE-48FF-83DA-4102C05A6D44/App-V 5.0 Sequencing Guide.docx) (http://download.microsoft.com/download/F/7/8/F784A197-73BE-48FF-83DA-4102C05A6D44/App-V 5.0 Sequencing Guide.docx).
For more information about configuring the Microsoft Application Virtualization (App-V) 5.0 sequencer, sequencing best practices, and an example of creating and updating a virtual application, see the [Microsoft Application Virtualization 5.0 Sequencing Guide](https://download.microsoft.com/download/F/7/8/F784A197-73BE-48FF-83DA-4102C05A6D44/App-V 5.0 Sequencing Guide.docx) (https://download.microsoft.com/download/F/7/8/F784A197-73BE-48FF-83DA-4102C05A6D44/App-V 5.0 Sequencing Guide.docx).

2
mdop/mbam-v25/deploy-mbam.md
View File

@ -110,7 +110,7 @@ Choose a server that meets the hardware configuration as explained in the [MBAM
.NET Framework Environment<br />
Configuration APIs
For the self-service portal to work, you should also [download and install ASP.NET MVC 4.0](http://go.microsoft.com/fwlink/?linkid=392271).
For the self-service portal to work, you should also [download and install ASP.NET MVC 4.0](https://go.microsoft.com/fwlink/?linkid=392271).
The next step is to create the required MBAM users and groups in Active Directory.

3
windows/client-management/connect-to-remote-aadj-pc.md
View File

@ -82,7 +82,8 @@ In organizations using only Azure AD, you can connect from an Azure AD-joined PC
- Password
- Windows Hello for Business, with or without an MDM subscription.
> [!NOTE]
> If the RDP client is running Windows Server 2016 or Windows Server 2019, to be able to connect to Azure Active Directory-joined PCs, it must [allow Public Key Cryptography Based User-to-User (PKU2U) authentication requests to use online identities](https://docs.microsoft.com/windows/security/threat-protection/security-policy-settings/network-security-allow-pku2u-authentication-requests-to-this-computer-to-use-online-identities).
## Related topics

4
windows/client-management/mdm/configuration-service-provider-reference.md
View File

@ -2699,8 +2699,8 @@ Additional lists:
## CSP DDF files download
You can download the DDF files for various CSPs from the links below:
- [Download all the DDF files for Windows 10, version 1903](http://download.microsoft.com/download/6/F/0/6F019079-6EB0-41B5-88E8-D1CE77DBA27B/Windows10_1903_DDF_download.zip)
- [Download all the DDF files for Windows 10, version 1809](http://download.microsoft.com/download/6/A/7/6A735141-5CFA-4C1B-94F4-B292407AF662/Windows10_1809_DDF_download.zip)
- [Download all the DDF files for Windows 10, version 1903](https://download.microsoft.com/download/6/F/0/6F019079-6EB0-41B5-88E8-D1CE77DBA27B/Windows10_1903_DDF_download.zip)
- [Download all the DDF files for Windows 10, version 1809](https://download.microsoft.com/download/6/A/7/6A735141-5CFA-4C1B-94F4-B292407AF662/Windows10_1809_DDF_download.zip)
- [Download all the DDF files for Windows 10, version 1803](https://download.microsoft.com/download/6/2/7/6276FE19-E3FD-4254-9C16-3C31CAA2DE50/Windows10_1803_DDF_download.zip)
- [Download all the DDF files for Windows 10, version 1709](https://download.microsoft.com/download/9/7/C/97C6CF99-F75C-475E-AF18-845F8CECCFA4/Windows10_1709_DDF_download.zip)
- [Download all the DDF files for Windows 10, version 1703](https://download.microsoft.com/download/C/7/C/C7C94663-44CF-4221-ABCA-BC895F42B6C2/Windows10_1703_DDF_download.zip)

6
windows/client-management/mdm/policy-ddf-file.md
View File

@ -20,10 +20,10 @@ This topic shows the OMA DM device description framework (DDF) for the **Policy*
You can view various Policy DDF files by clicking the following links:
- [View the Policy DDF file for Windows 10, version 1903](http://download.microsoft.com/download/0/C/D/0CD61812-8B9C-4846-AC4A-1545BFD201EE/PolicyDDF_all_1903.xml)
- [View the Policy DDF file for Windows 10, version 1809](http://download.microsoft.com/download/7/3/5/735B8537-82F4-4CD1-B059-93984F9FAAC5/Policy_DDF_all_1809.xml)
- [View the Policy DDF file for Windows 10, version 1903](https://download.microsoft.com/download/0/C/D/0CD61812-8B9C-4846-AC4A-1545BFD201EE/PolicyDDF_all_1903.xml)
- [View the Policy DDF file for Windows 10, version 1809](https://download.microsoft.com/download/7/3/5/735B8537-82F4-4CD1-B059-93984F9FAAC5/Policy_DDF_all_1809.xml)
- [View the Policy DDF file for Windows 10, version 1803](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all.xml)
- [View the Policy DDF file for Windows 10, version 1803 release C](http://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all_1809C_release.xml)
- [View the Policy DDF file for Windows 10, version 1803 release C](https://download.microsoft.com/download/4/9/6/496534EE-8F0C-4F12-B084-A8502DA22430/PolicyDDF_all_1809C_release.xml)
- [View the Policy DDF file for Windows 10, version 1709](https://download.microsoft.com/download/8/C/4/8C43C116-62CB-470B-9B69-76A3E2BC32A8/PolicyDDF_all.xml)
- [View the Policy DDF file for Windows 10, version 1703](https://download.microsoft.com/download/7/2/C/72C36C37-20F9-41BF-8E23-721F6FFC253E/PolicyDDF_all.xml)
- [View the Policy DDF file for Windows 10, version 1607](https://download.microsoft.com/download/6/1/C/61C022FD-6F5D-4F73-9047-17F630899DC4/PolicyDDF_all_version1607.xml)

8
windows/client-management/mdm/win32-and-centennial-app-policy-configuration.md
View File

@ -27,6 +27,12 @@ manager: dansimp
Starting in Windows 10, version 1703, you can import ADMX files (also called ADMX ingestion) and set those ADMX-backed policies for Win32 and Desktop Bridge apps by using Windows 10 Mobile Device Management (MDM) on desktop SKUs. The ADMX files that define policy information can be ingested to your device by using the Policy CSP URI, `./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall`. The ingested ADMX file is then processed into MDM policies.
NOTE: Starting from the following Windows 10 version Replace command is supported
- Windows 10, version 1903 with KB4512941 and KB4517211installed
- Windows 10, version 1809 withKB4512534and KB installed
- Windows 10, version 1803 withKB4512509and KB installed
- Windows 10, version 1709 withKB4516071and KB installed
When the ADMX policies are imported, the registry keys to which each policy is written are checked so that known system registry keys, or registry keys that are used by existing inbox policies or system components, are not overwritten. This precaution helps to avoid security concerns over opening the entire registry. Currently, the ingested policies are not allowed to write to locations within the **System**, **Software\Microsoft**, and **Software\Policies\Microsoft** keys, except for the following locations:
- Software\Policies\Microsoft\Office\
@ -48,6 +54,8 @@ When the ADMX policies are imported, the registry keys to which each policy is w
- software\microsoft\exchange\
- software\policies\microsoft\vba\security\
- software\microsoft\onedrive
- software\Microsoft\Edge
- Software\Microsoft\EdgeUpdate\
> [!Warning]
> Some operating system components have built in functionality to check devices for domain membership. MDM enforces the configured policy values only if the devices are domain joined, otherwise it does not. However, you can still import ADMX files and set ADMX-backed policies regardless of whether the device is domain joined or non-domain joined.

30
windows/client-management/troubleshoot-stop-errors.md
View File

@ -22,9 +22,9 @@ ms.author: dansimp
A Stop error is displayed as a blue screen that contains the name of the faulty driver, such as any of the following example drivers:
- atikmpag.sys
- igdkmd64.sys
- nvlddmkm.sys
- `atikmpag.sys`
- `igdkmd64.sys`
- `nvlddmkm.sys`
There is no simple explanation for the cause of Stop errors (also known as blue screen errors or bug check errors). Many different factors can be involved. However, various studies indicate that Stop errors usually are not caused by Microsoft Windows components. Instead, these errors are generally related to malfunctioning hardware drivers or drivers that are installed by third-party software. This includes video cards, wireless network cards, security programs, and so on.
@ -61,7 +61,7 @@ To troubleshoot Stop error messages, follow these general steps:
4. Run [Microsoft Safety Scanner](http://www.microsoft.com/security/scanner/en-us/default.aspx) or any other virus detection program that includes checks of the Master Boot Record for infections.
5. Make sure that there is sufficient free space on the hard disk. The exact requirement varies, but we recommend 10 to 15 percent free disk space.
5. Make sure that there is sufficient free space on the hard disk. The exact requirement varies, but we recommend 1015 percent free disk space.
6. Contact the respective hardware or software vendor to update the drivers and applications in the following scenarios:
@ -90,11 +90,11 @@ To configure the system for memory dump files, follow these steps:
5. Stop and disable Automatic System Restart Services (ASR) to prevent dump files from being written.
6. If the server is virtualized, disable auto reboot after the memory dump file is created. This lets you take a snapshot of the server in-state and also if the problem recurs.
The memory dump file is saved at the following locations.
The memory dump file is saved at the following locations:
| Dump file type | Location |
|----------------|----------|
|(none) | %SystemRoot%\MEMORY.DMP (inactive, or greyed out) |
|(none) | %SystemRoot%\MEMORY.DMP (inactive, or grayed out) |
|Small memory dump file (256 kb) | %SystemRoot%\Minidump |
|Kernel memory dump file | %SystemRoot%\MEMORY.DMP |
| Complete memory dump file | %SystemRoot%\MEMORY.DMP |
@ -118,7 +118,7 @@ More information on how to use Dumpchk.exe to check your dump files:
### Memory dump analysis
Finding the root cause of the crash may not be easy. Hardware problems are especially difficult to diagnose because they may cause erratic and unpredictable behavior that can manifest itself in a variety of symptoms.
Finding the root cause of the crash may not be easy. Hardware problems are especially difficult to diagnose because they may cause erratic and unpredictable behavior that can manifest itself in various symptoms.
When a Stop error occurs, you should first isolate the problematic components, and then try to cause them to trigger the Stop error again. If you can replicate the problem, you can usually determine the cause.
@ -138,8 +138,8 @@ You can use the tools such as Windows Software Development KIT (SDK) and Symbols
1. Verify that the computer is set up to generate a complete memory dump file when a crash occurs. See the steps [here](troubleshoot-windows-freeze.md#method-1-memory-dump) for more information.
2. Locate the memory.dmp file in your Windows directory on the computer that is crashing, and copy that file to another computer.
3. On the other computer, download the [Windows 10 SDK](https://developer.microsoft.com/en-US/windows/downloads/windows-10-sdk).
4. Start the install and choose **Debugging Tools for Windows**. This will install the WinDbg tool.
3. On the other computer, download the [Windows 10 SDK](https://developer.microsoft.com/windows/downloads/windows-10-sdk).
4. Start the install and choose **Debugging Tools for Windows**. This installs the WinDbg tool.
5. Open the WinDbg tool and set the symbol path by clicking **File** and then clicking **Symbol File Path**.<br>
a. If the computer is connected to the Internet, enter the [Microsoft public symbol server](https://docs.microsoft.com/windows-hardware/drivers/debugger/microsoft-public-symbols) (https://msdl.microsoft.com/download/symbols) and click **OK**. This is the recommended method.<br>
b. If the computer is not connected to the Internet, you must specify a local [symbol path](https://docs.microsoft.com/windows-hardware/drivers/debugger/symbol-path).
@ -149,7 +149,7 @@ You can use the tools such as Windows Software Development KIT (SDK) and Symbols
8. A detailed bugcheck analysis will appear. See the example below.
![Bugcheck analysis](images/bugcheck-analysis.png)
9. Scroll down to the section where it says **STACK_TEXT**. There will be rows of numbers with each row followed by a colon and some text. That text should tell you what DLL is causing the crash and if applicable what service is crashing the DLL.
10. See [Using the !analyze Exension](https://docs.microsoft.com/windows-hardware/drivers/debugger/using-the--analyze-extension) for details about how to interpret the STACK_TEXT output.
10. See [Using the !analyze Extension](https://docs.microsoft.com/windows-hardware/drivers/debugger/using-the--analyze-extension) for details about how to interpret the STACK_TEXT output.
There are many possible causes of a bugcheck and each case is unique. In the example provided above, the important lines that can be identified from the STACK_TEXT are 20, 21, and 22:
@ -213,7 +213,7 @@ Use the following guidelines when you use Driver Verifier:
- Test any “suspicious” drivers (drivers that were recently updated or that are known to be problematic).
- If you continue to experience non-analyzable crashes, try enabling verification on all third-party and unsigned drivers.
- Enable concurrent verification on groups of 10 to 20 drivers.
- Enable concurrent verification on groups of 1020 drivers.
- Additionally, if the computer cannot boot into the desktop because of Driver Verifier, you can disable the tool by starting in Safe mode. This is because the tool cannot run in Safe mode.
For more information, see [Driver Verifier](https://docs.microsoft.com/windows-hardware/drivers/devtest/driver-verifier).
@ -233,13 +233,13 @@ SYSTEM_SERVICE_EXCEPTION <br>Stop error code c000021a {Fatal System Error} The W
NTFS_FILE_SYSTEM <br>Stop error code 0x000000024 | This Stop error is commonly caused by corruption in the NTFS file system or bad blocks (sectors) on the hard disk. Corrupted drivers for hard disks (SATA or IDE) can also adversely affect the system's ability to read and write to disk. Run any hardware diagnostics that are provided by the manufacturer of the storage subsystem. Use the scan disk tool to verify that there are no file system errors. To do this, right-click the drive that you want to scan, select Properties, select Tools, and then select the Check now button.We also suggest that you update the NTFS file system driver (Ntfs.sys), and apply the latest cumulative updates for the current operating system that is experiencing the problem.
KMODE_EXCEPTION_NOT_HANDLED <br>Stop error code 0x0000001E | If a driver is identified in the Stop error message, disable or remove that driver. Disable or remove any drivers or services that were recently added. <br><br>If the error occurs during the startup sequence, and the system partition is formatted by using the NTFS file system, you might be able to use Safe mode to disable the driver in Device Manager. To do this, follow these steps:<br><br>Go to **Settings > Update &amp; security > Recovery**. Under **Advanced startup**, select **Restart now**. After your PC restarts to the **Choose an option** screen, select **Troubleshoot &gt; Advanced options &gt; Startup Settings &gt; Restart**. After the computer restarts, you'll see a list of options. Press **4** or **F4** to start the computer in Safe mode. Or, if you intend to use the Internet while in Safe mode, press **5** or **F5** for the Safe Mode with Networking option.
DPC_WATCHDOG_VIOLATION <br>Stop error code 0x00000133 | This Stop error code is caused by a faulty driver that does not complete its work within the allotted time frame in certain conditions. To enable us to help mitigate this error, collect the memory dump file from the system, and then use the Windows Debugger to find the faulty driver. If a driver is identified in the Stop error message, disable the driver to isolate the problem. Check with the manufacturer for driver updates. Check the system log in Event Viewer for additional error messages that might help identify the device or driver that is causing Stop error 0x133. Verify that any new hardware that is installed is compatible with the installed version of Windows. For example, you can get information about required hardware at Windows 10 Specifications. If Windows Debugger is installed, and you have access to public symbols, you can load the c:\windows\memory.dmp file into the Debugger, and then refer to [Determining the source of Bug Check 0x133 (DPC_WATCHDOG_VIOLATION) errors on Windows Server 2012](https://blogs.msdn.microsoft.com/ntdebugging/2012/12/07/determining-the-source-of-bug-check-0x133-dpc_watchdog_violation-errors-on-windows-server-2012/) to find the problematic driver from the memory dump.
USER_MODE_HEALTH_MONITOR <br>Stop error code 0x0000009E | This Stop error indicates that a user-mode health check failed in a way that prevents graceful shutdown. Therefore, Windows restores critical services by restarting or enabling application failover to other servers. The Clustering Service incorporates a detection mechanism that may detect unresponsiveness in user-mode components.<br>This Stop error usually occurs in a clustered environment, and the indicated faulty driver is RHS.exe.Check the event logs for any storage failures to identify the failing process.Try to update the component or process that is indicated in the event logs. You should see the following event recorded:<br>Event ID: 4870<br>Source: Microsoft-Windows-FailoverClustering<br>Description: User mode health monitoring has detected that the system is not being responsive. The Failover cluster virtual adapter has lost contact with the Cluster Server process with a process ID %1, for %2 seconds. Recovery action will be taken. Review the Cluster logs to identify the process and investigate which items might cause the process to hang. <br />For more information, see ["Why is my Failover Clustering node blue screening with a Stop 0x0000009E?"](https://blogs.technet.microsoft.com/askcore/2009/06/12/why-is-my-failover-clustering-node-blue-screening-with-a-stop-0x0000009e) Also, see the following Microsoft video [What to do if a 9E occurs](https://www.youtube.com/watch?v=vOJQEdmdSgw).
USER_MODE_HEALTH_MONITOR <br>Stop error code 0x0000009E | This Stop error indicates that a user-mode health check failed in a way that prevents graceful shutdown. Therefore, Windows restores critical services by restarting or enabling application failover to other servers. The Clustering Service incorporates a detection mechanism that may detect unresponsiveness in user-mode components.<br>This Stop error usually occurs in a clustered environment, and the indicated faulty driver is RHS.exe.Check the event logs for any storage failures to identify the failing process. Try to update the component or process that is indicated in the event logs. You should see the following event recorded:<br>Event ID: 4870<br>Source: Microsoft-Windows-FailoverClustering<br>Description: User mode health monitoring has detected that the system is not being responsive. The Failover cluster virtual adapter has lost contact with the Cluster Server process with a process ID %1, for %2 seconds. Recovery action is taken. Review the Cluster logs to identify the process and investigate which items might cause the process to hang. <br />For more information, see ["Why is my Failover Clustering node blue screening with a Stop 0x0000009E?"](https://blogs.technet.microsoft.com/askcore/2009/06/12/why-is-my-failover-clustering-node-blue-screening-with-a-stop-0x0000009e) Also, see the following Microsoft video [What to do if a 9E occurs](https://www.youtube.com/watch?v=vOJQEdmdSgw).
## Debugging examples
### Example 1
This bugcheck is caused by a driver hang during upgrade, resulting in a bugcheck D1 in NDIS.sys (a Microsoft driver). The **IMAGE_NAME** will tell you the faulting driver, but since this is Microsoft driver it cannot be replaced or removed. The resolution method is to disable the network device in device manager and try the upgrade again.
This bugcheck is caused by a driver hang during upgrade, resulting in a bugcheck D1 in NDIS.sys (a Microsoft driver). The **IMAGE_NAME** tells you the faulting driver, but since this is Microsoft driver it cannot be replaced or removed. The resolution method is to disable the network device in device manager and try the upgrade again.
```
2: kd> !analyze -v
@ -391,7 +391,7 @@ ANALYSIS_SESSION_ELAPSED_TIME: 8377
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_ndis!ndisqueueioworkitem
FAILURE_ID_HASH: {10686423-afa1-4852-ad1b-9324ac44ac96}
FAILURE_ID_REPORT_LINK: http://go.microsoft.com/fwlink/?LinkID=397724&FailureHash=10686423-afa1-4852-ad1b-9324ac44ac96
FAILURE_ID_REPORT_LINK: https://go.microsoft.com/fwlink/?LinkID=397724&FailureHash=10686423-afa1-4852-ad1b-9324ac44ac96
Followup: ndiscore
---------
```
@ -564,7 +564,7 @@ ANALYSIS_SESSION_ELAPSED_TIME: 162bd
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:av_r_invalid_wwanusbmp!unknown_function
FAILURE_ID_HASH: {31e4d053-0758-e43a-06a7-55f69b072cb3}
FAILURE_ID_REPORT_LINK: http://go.microsoft.com/fwlink/?LinkID=397724&FailureHash=31e4d053-0758-e43a-06a7-55f69b072cb3
FAILURE_ID_REPORT_LINK: https://go.microsoft.com/fwlink/?LinkID=397724&FailureHash=31e4d053-0758-e43a-06a7-55f69b072cb3
Followup: MachineOwner
---------

2
windows/configuration/set-up-shared-or-guest-pc.md
View File

@ -36,7 +36,7 @@ It is intended that shared PCs are joined to an Active Directory or Azure Active
When the account management service is turned on in shared PC mode, accounts are automatically deleted. Account deletion applies to Active Directory, Azure Active Directory, and local accounts that are created by the **Guest** and **Kiosk** options. Account management is performed both at sign-off time (to make sure there is enough disk space for the next user) as well as during system maintenance time periods. Shared PC mode can be configured to delete accounts immediately at sign-out or when disk space is low. In Windows 10, version 1703, an inactive option is added which deletes accounts if they haven't signed in after a specified number of days.
### Maintenance and sleep
Shared PC mode is configured to take advantage of maintenance time periods which run while the PC is not in use. Therefore, sleep is strongly recommended so that the PC can wake up when it is not is use to perform maintenance, clean up accounts, and run Windows Update. The recommended settings can be set by choosing **SetPowerPolicies** in the list of shared PC options. Additionally, on devices without Advanced Configuration and Power Interface (ACPI) wake alarms, shared PC mode will always override real-time clock (RTC) wake alarms to be allowed to wake the PC from sleep (by default, RTC wake alarms are off). This ensures that the widest variety of hardware will take advantage of maintenance periods.
Shared PC mode is configured to take advantage of maintenance time periods which run while the PC is not in use. Therefore, sleep is strongly recommended so that the PC can wake up when it is not in use to perform maintenance, clean up accounts, and run Windows Update. The recommended settings can be set by choosing **SetPowerPolicies** in the list of shared PC options. Additionally, on devices without Advanced Configuration and Power Interface (ACPI) wake alarms, shared PC mode will always override real-time clock (RTC) wake alarms to be allowed to wake the PC from sleep (by default, RTC wake alarms are off). This ensures that the widest variety of hardware will take advantage of maintenance periods.
While shared PC mode does not configure Windows Update itself, it is strongly recommended to configure Windows Update to automatically install updates and reboot (if necessary) during maintenance hours. This will help ensure the PC is always up to date and not interrupting users with updates.

1
windows/deployment/update/windows-update-troubleshooting.md
View File

@ -24,6 +24,7 @@ If you run into problems when using Windows Update, start with the following ste
2. Install the most recent Servicing Stack Update (SSU) that matches your version of Windows from theMicrosoft Update Catalog. See [Servicing stack updates](servicing-stack-updates.md) for more details on SSU.
3. Make sure that you install the latest Windows updates, cumulative updates, and rollup updates. To verify the update status, refer to the appropriate update history for your system:
- [Windows 10, version 1903 and Windows Server, version 1903](https://support.microsoft.com/help/4498140)
- [Windows 10, version 1809 and Windows Server 2019](https://support.microsoft.com/help/4464619/windows-10-update-history)
- [Windows 10, version 1803](https://support.microsoft.com/help/4099479/windows-10-update-history)
- [Windows 10, version 1709](https://support.microsoft.com/help/4043454)

90
windows/deployment/upgrade/log-files.md
View File

@ -9,7 +9,8 @@ ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: deploy
audience: itpro author: greg-lindsay
audience: itpro
author: greg-lindsay
ms.localizationpriority: medium
ms.topic: article
---
@ -159,6 +160,93 @@ Therefore, Windows Setup failed because it was not able to migrate the corrupt f
27:08, Error SP SPDoFrameworkGather: Gather operation failed. Error: 0x0000002C
</pre>
<br><B>setupapi.dev.log</B> content:
<pre style="font-size: 10px; overflow-y: visible">
>>> [Device Install (UpdateDriverForPlugAndPlayDevices) - PCI\VEN_8086&DEV_8C4F]
>>> Section start 2019/09/26 20:13:01.623
cmd: rundll32.exe "C:\WINDOWS\Installer\MSI6E4C.tmp",zzzzInvokeManagedCustomActionOutOfProc SfxCA_95972906 484 ChipsetWiX.CustomAction!Intel.Deployment.ChipsetWiX.CustomActions.InstallDrivers
ndv: INF path: C:\WINDOWS\TEMP\{15B1CD41-69F5-48EA-9F45-0560A40FE2D8}\Drivers\lynxpoint\LynxPointSystem.inf
ndv: Install flags: 0x00000000
ndv: {Update Device Driver - PCI\VEN_8086&DEV_8C4F&SUBSYS_05BE1028&REV_04\3&11583659&0&F8}
ndv: Search options: 0x00000081
ndv: Searching single INF 'C:\WINDOWS\TEMP\{15B1CD41-69F5-48EA-9F45-0560A40FE2D8}\Drivers\lynxpoint\LynxPointSystem.inf'
dvi: {Build Driver List} 20:13:01.643
dvi: Searching for hardware ID(s):
dvi: pci\ven_8086&dev_8c4f&subsys_05be1028&rev_04
dvi: pci\ven_8086&dev_8c4f&subsys_05be1028
dvi: pci\ven_8086&dev_8c4f&cc_060100
dvi: pci\ven_8086&dev_8c4f&cc_0601
dvi: Searching for compatible ID(s):
dvi: pci\ven_8086&dev_8c4f&rev_04
dvi: pci\ven_8086&dev_8c4f
dvi: pci\ven_8086&cc_060100
dvi: pci\ven_8086&cc_0601
dvi: pci\ven_8086
dvi: pci\cc_060100
dvi: pci\cc_0601
sig: {_VERIFY_FILE_SIGNATURE} 20:13:01.667
sig: Key = lynxpointsystem.inf
sig: FilePath = c:\windows\temp\{15b1cd41-69f5-48ea-9f45-0560a40fe2d8}\drivers\lynxpoint\lynxpointsystem.inf
sig: Catalog = c:\windows\temp\{15b1cd41-69f5-48ea-9f45-0560a40fe2d8}\drivers\lynxpoint\LynxPoint.cat
sig: Success: File is signed in catalog.
sig: {_VERIFY_FILE_SIGNATURE exit(0x00000000)} 20:13:01.683
dvi: Created Driver Node:
dvi: HardwareID - PCI\VEN_8086&DEV_8C4F
dvi: InfName - c:\windows\temp\{15b1cd41-69f5-48ea-9f45-0560a40fe2d8}\drivers\lynxpoint\lynxpointsystem.inf
dvi: DevDesc - Intel(R) QM87 LPC Controller - 8C4F
dvi: Section - Needs_ISAPNP_DRV
dvi: Rank - 0x00ff2001
dvi: Signer Score - WHQL
dvi: DrvDate - 04/04/2016
dvi: Version - 10.1.1.18
dvi: {Build Driver List - exit(0x00000000)} 20:13:01.699
ndv: Searching currently installed INF
dvi: {Build Driver List} 20:13:01.699
dvi: Searching for hardware ID(s):
dvi: pci\ven_8086&dev_8c4f&subsys_05be1028&rev_04
dvi: pci\ven_8086&dev_8c4f&subsys_05be1028
dvi: pci\ven_8086&dev_8c4f&cc_060100
dvi: pci\ven_8086&dev_8c4f&cc_0601
dvi: Searching for compatible ID(s):
dvi: pci\ven_8086&dev_8c4f&rev_04
dvi: pci\ven_8086&dev_8c4f
dvi: pci\ven_8086&cc_060100
dvi: pci\ven_8086&cc_0601
dvi: pci\ven_8086
dvi: pci\cc_060100
dvi: pci\cc_0601
dvi: Created Driver Node:
dvi: HardwareID - PCI\VEN_8086&DEV_8C4F
dvi: InfName - C:\WINDOWS\System32\DriverStore\FileRepository\lynxpointsystem.inf_amd64_cd1e518d883ecdfe\lynxpointsystem.inf
dvi: DevDesc - Intel(R) QM87 LPC Controller - 8C4F
dvi: Section - Needs_ISAPNP_DRV
dvi: Rank - 0x00ff2001
dvi: Signer Score - WHQL
dvi: DrvDate - 10/03/2016
dvi: Version - 10.1.1.38
dvi: {Build Driver List - exit(0x00000000)} 20:13:01.731
dvi: {DIF_SELECTBESTCOMPATDRV} 20:13:01.731
dvi: Default installer: Enter 20:13:01.735
dvi: {Select Best Driver}
dvi: Class GUID of device changed to: {4d36e97d-e325-11ce-bfc1-08002be10318}.
dvi: Selected Driver:
dvi: Description - Intel(R) QM87 LPC Controller - 8C4F
dvi: InfFile - c:\windows\system32\driverstore\filerepository\lynxpointsystem.inf_amd64_cd1e518d883ecdfe\lynxpointsystem.inf
dvi: Section - Needs_ISAPNP_DRV
dvi: {Select Best Driver - exit(0x00000000)}
dvi: Default installer: Exit
dvi: {DIF_SELECTBESTCOMPATDRV - exit(0x00000000)} 20:13:01.743
ndv: Currently Installed Driver:
ndv: Inf Name - oem1.inf
ndv: Driver Date - 10/03/2016
ndv: Driver Version - 10.1.1.38
ndv: {Update Device Driver - exit(00000103)}
! ndv: No better matching drivers found for device 'PCI\VEN_8086&DEV_8C4F&SUBSYS_05BE1028&REV_04\3&11583659&0&F8'.
! ndv: No devices were updated.
<<< Section end 2019/09/26 20:13:01.759
<<< [Exit status: FAILURE(0xC1900101)]
</pre>
<br>This analysis indicates that the Windows upgrade error can be resolved by deleting the C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\[CN] file. Note: In this example, the full, unshortened file name is C:\ProgramData\Microsoft\Crypto\RSA\S-1-5-18\be8228fb2d3cb6c6b0ccd9ad51b320b4_a43d512c-69f2-42de-aef9-7a88fabdaa3f.

4
windows/deployment/vda-subscription-activation.md
View File

@ -37,7 +37,7 @@ Deployment instructions are provided for the following scenarios:
### Scenario 1
- The VM is running Windows 10, version 1803 or later.
- The VM is hosted in Azure or another [Qualified Multitenant Hoster](https://www.microsoft.com/CloudandHosting/licensing_sca.aspx) (QMTH).
- The VM is hosted in Azure or another [Qualified Multitenant Hoster](https://www.microsoft.com/en-us/CloudandHosting/licensing_sca.aspx) (QMTH).
When a user with VDA rights signs in to the VM using their AAD credentials, the VM is automatically stepped-up to Enterprise and activated. There is no need to perform Windows 10 Pro activation. This eliminates the need to maintain KMS or MAK in the qualifying cloud infrastructure.
@ -47,7 +47,7 @@ Deployment instructions are provided for the following scenarios:
[Inherited Activation](https://docs.microsoft.com/windows/deployment/windows-10-subscription-activation#inherited-activation) is enabled. All VMs created by a user with a Windows 10 E3 or E5 license are automatically activated independent of whether a user signs in with a local account or using an Azure Active Directory account.
### Scenario 3
- The VM is running Windows 10, version 1703 or 1709, or the hoster is not an authorized [QMTH](https://www.microsoft.com/CloudandHosting/licensing_sca.aspx) partner.
- The VM is running Windows 10, version 1703 or 1709, or the hoster is not an authorized [QMTH](https://www.microsoft.com/en-us/CloudandHosting/licensing_sca.aspx) partner.
In this scenario, the underlying Windows 10 Pro license must be activated prior to Subscription Activation of Windows 10 Enterprise. Activation is accomplished using a Windows 10 Pro Generic Volume License Key (GVLK) and a Volume License KMS activation server provided by the hoster. Alternatively, a KMS activation server on your corporate network can be used if you have configured a private connection, such as [ExpressRoute](https://azure.microsoft.com/services/expressroute/) or [VPN Gateway](https://azure.microsoft.com/services/vpn-gateway/).

2
windows/deployment/windows-autopilot/add-devices.md
View File

@ -27,7 +27,7 @@ Before deploying a device using Windows Autopilot, the device must be registered
## OEM registration
When you purchase devices directly from an OEM, that OEM can automatically register the devices with the Windows Autopilot deployment service. For the list of OEMs that currently support this, see the "Participant device manufacturers" section of the [Windows Autopilot information page](https://www.microsoft.com/windowsforbusiness/windows-autopilot).
When you purchase devices directly from an OEM, that OEM can automatically register the devices with the Windows Autopilot deployment service. For the list of OEMs that currently support this, see the "Participant device manufacturers and resellers" section of the [Windows Autopilot information page](https://aka.ms/windowsautopilot).
Before an OEM can register devices on behalf of an organization, the organization must grant the OEM permission to do so. This process is initiated by the OEM, with approval granted by an Azure AD global administrator from the organization. See the "Customer Consent" section of the [Customer consent page](https://docs.microsoft.com/windows/deployment/windows-autopilot/registration-auth#oem-authorization).

2
windows/privacy/diagnostic-data-viewer-overview.md
View File

@ -45,7 +45,7 @@ Before you can use this tool for viewing Windows diagnostic data, you must turn
Download the app from the [Microsoft Store Diagnostic Data Viewer](https://www.microsoft.com/store/p/diagnostic-data-viewer/9n8wtrrsq8f7?rtc=1) page.
>[!Important]
>It's possible that your Windows device doesn't have the Microsoft Store available (for example, Windows Server). If this is the case, see [Diagnostic Data Viewer for PowerShell](https://go.microsoft.com/fwlink/?linkid=2023830).
>It's possible that your Windows device doesn't have the Microsoft Store available (for example, Windows Server). If this is the case, see [Diagnostic Data Viewer for PowerShell](https://go.microsoft.com/fwlink/?linkid=2094264).
### Start the Diagnostic Data Viewer
You can start this app from the **Settings** panel.

2
windows/privacy/manage-windows-1809-endpoints.md
View File

@ -398,7 +398,7 @@ The following endpoint is used to retrieve Skype configuration values. To turn o
## Windows Defender
The following endpoint is used for Windows Defender when Cloud-based Protection is enabled.
If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender), the device will not use Cloud-based Protection.
If you [turn off traffic for this endpoint](manage-connections-from-windows-operating-system-components-to-microsoft-services.md#bkmk-defender), the device will not use Cloud-based Protection. For a detailed list of Windows Defender Antivirus cloud service connections, see [Allow connections to the Windows Defender Antivirus cloud service](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus#allow-connections-to-the-windows-defender-antivirus-cloud-service).
| Source process | Protocol | Destination |
|----------------|----------|------------|

6
windows/release-information/index.md
View File

@ -11,6 +11,7 @@ author: lizap
ms.author: elizapo
ms.localizationpriority: high
---
# Windows 10 release information
Feature updates for Windows 10 are released twice a year, around March and September, via the Semi-Annual Channel. They will be serviced with monthly quality updates for 18 or 30 months from the date of the release, depending on the lifecycle policy.
@ -20,13 +21,10 @@ We recommend that you begin deployment of each Semi-Annual Channel release immed
For information about servicing timelines, see the [Windows lifecycle fact sheet](https://support.microsoft.com/help/13853).
> [!NOTE]
>Beginning with Windows 10, version 1903, this page will no longer list Semi-Annual Channel (Targeted) information for version 1903 and future feature updates. Instead, you will find a single entry for each Semi-Annual Channel release. For more information, see [this blog post](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523).
> Beginning with Windows 10, version 1903, you will find a [single entry for each SAC release](https://techcommunity.microsoft.com/t5/Windows-IT-Pro-Blog/Windows-Update-for-Business-and-the-retirement-of-SAC-T/ba-p/339523).
<div class="m-rich-content-block" data-grid="col-12">
<div id="winrelinfo" xmlns="http://www.w3.org/1999/xhtml"><iframe width="100%" height="866px" id="winrelinfo_iframe" src="https://winreleaseinfoprod.blob.core.windows.net/winreleaseinfoprod/en-US.html" frameborder="0" marginwidth="0" marginheight="0" scrolling="auto"></iframe></div>
<script src="https://winreleaseinfoprod.blob.core.windows.net/winreleaseinfoprod/iframe.js" xmlns="http://www.w3.org/1999/xhtml"></script>
<script xmlns="http://www.w3.org/1999/xhtml">/*<![CDATA[*/winrelinfo_setup("https://winreleaseinfoprod.blob.core.windows.net/winreleaseinfoprod/en-US.html")/*]]>*/</script>
</div>

2
windows/release-information/resolved-issues-windows-10-1809-and-windows-server-2019.yml
View File

@ -54,7 +54,6 @@ sections:
<tr><td><div id='215msg'></div><b>Zone transfers over TCP may fail</b><br>Zone transfers between primary and secondary DNS servers over the Transmission Control Protocol (TCP) may fail.<br><br><a href = '#215msgdesc'>See details ></a></td><td>OS Build 17763.475<br><br>May 03, 2019<br><a href ='https://support.microsoft.com/help/4495667' target='_blank'>KB4495667</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4494441' target='_blank'>KB4494441</a></td><td>May 14, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='212msg'></div><b>Latest cumulative update (KB 4495667) installs automatically</b><br>Reports that the optional cumulative update (KB 4495667) installs automatically.<br><br><a href = '#212msgdesc'>See details ></a></td><td>OS Build 17763.475<br><br>May 03, 2019<br><a href ='https://support.microsoft.com/help/4495667' target='_blank'>KB4495667</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>May 08, 2019 <br>03:37 PM PT</td></tr>
<tr><td><div id='198msg'></div><b>System may be unresponsive after restart if ArcaBit antivirus software installed</b><br>After further investigation ArcaBit has confirmed this issue is not applicable to Windows 10, version 1809<br><br><a href = '#198msgdesc'>See details ></a></td><td>OS Build 17763.437<br><br>April 09, 2019<br><a href ='https://support.microsoft.com/help/4493509' target='_blank'>KB4493509</a></td><td>Resolved<br><a href = '' target='_blank'></a></td><td>May 08, 2019 <br>03:30 PM PT</td></tr>
<tr><td><div id='49msg'></div><b>Custom URI schemes may not start corresponding application</b><br>Custom URI schemes for application protocol handlers may not start the corresponding application.<br><br><a href = '#49msgdesc'>See details ></a></td><td>OS Build 17763.379<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489899' target='_blank'>KB4489899</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4495667' target='_blank'>KB4495667</a></td><td>May 03, 2019 <br>10:00 AM PT</td></tr>
</table>
"
@ -140,7 +139,6 @@ sections:
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='88msgdesc'></div><b>Issue using PXE to start a device from WDS</b><div>After installing <a href=\"https://support.microsoft.com/help/4489899\" target=\"_blank\">KB4489899</a>, there may be issues using the Preboot Execution Environment (PXE) to start a device from a Windows Deployment Services (WDS) server configured to use Variable Window Extension. This may cause the connection to the WDS server to terminate prematurely while downloading the image. This issue does not affect clients or devices that are not using Variable Window Extension.&nbsp;</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 8.1</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012</li></ul><div></div><div><strong>Resolution:</strong>&nbsp;This issue was resolved in <a href='https://support.microsoft.com/help/4503327' target='_blank'>KB4503327</a>.</div><br><a href ='#88msg'>Back to top</a></td><td>OS Build 17763.379<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489899' target='_blank'>KB4489899</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4503327' target='_blank'>KB4503327</a></td><td>Resolved:<br>June 11, 2019 <br>10:00 AM PT<br><br>Opened:<br>March 12, 2019 <br>10:00 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='49msgdesc'></div><b>Custom URI schemes may not start corresponding application</b><div>After installing <a href=\"https://support.microsoft.com/help/4489899\" target=\"_blank\">KB4489899</a>, custom URI schemes for application protocol handlers may not start the corresponding application for local intranet and trusted sites security zones on Internet Explorer.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10, version 1607; Windows 10 Enterprise LTSC 2016; Windows 10, version 1507; Windows 10 Enterprise LTSB 2015; Windows 8.1; Windows 7 SP1&nbsp;</li><li>Server: Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709; Windows Server 2016; Windows Server 2012 R2; Windows Server 2008 R2 SP1</li></ul><div></div><div><strong>Workaround:</strong> Right-click the URL link to open it in a new window or tab, or enable Protected Mode in Internet Explorer for local intranet and trusted sites</div><ol><li>Go to <strong>Tools &gt; Internet options </strong>&gt;<strong> Security</strong>.</li><li>Within <strong>Select a zone to view of change security settings</strong>, select <strong>Local intranet</strong> and then select <strong>Enable Protected Mode</strong>.</li><li>Select <strong>Trusted Sites</strong> and then select <strong>Enable Protected Mode</strong>.&nbsp;</li><li>Select&nbsp;<strong>OK</strong>.</li></ol><div>You must restart the browser after making these changes.</div><div><br></div><div><strong>Resolution:</strong> This issue is resolved in<a href=\"https://support.microsoft.com/help/4495667\" target=\"_blank\">KB4495667</a>.</div><br><a href ='#49msg'>Back to top</a></td><td>OS Build 17763.379<br><br>March 12, 2019<br><a href ='https://support.microsoft.com/help/4489899' target='_blank'>KB4489899</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4495667' target='_blank'>KB4495667</a></td><td>Resolved:<br>May 03, 2019 <br>10:00 AM PT<br><br>Opened:<br>March 12, 2019 <br>10:00 AM PT</td></tr>
</table>
"

10
windows/release-information/status-windows-10-1507.yml
View File

@ -60,6 +60,7 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 10240.18368<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520011' target='_blank'>KB4520011</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
<tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 10240.18334<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522009' target='_blank'>KB4522009</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520011' target='_blank'>KB4520011</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='196msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#196msgdesc'>See details ></a></td><td>OS Build 10240.18094<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480962' target='_blank'>KB4480962</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
</table>
@ -72,6 +73,15 @@ sections:
<div>
</div>
"
- title: November 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 10240.18368<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520011' target='_blank'>KB4520011</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
</table>
"
- title: September 2019
- items:
- type: markdown

10
windows/release-information/status-windows-10-1607-and-windows-server-2016.yml
View File

@ -60,6 +60,7 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 14393.3274<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
<tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 14393.3206<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522010' target='_blank'>KB4522010</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='195msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#195msgdesc'>See details ></a></td><td>OS Build 14393.2724<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480961' target='_blank'>KB4480961</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
<tr><td><div id='61msg'></div><b>Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM</b><br>Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM.<br><br><a href = '#61msgdesc'>See details ></a></td><td>OS Build 14393.2608<br><br>November 13, 2018<br><a href ='https://support.microsoft.com/help/4467691' target='_blank'>KB4467691</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>February 19, 2019 <br>10:00 AM PT</td></tr>
@ -74,6 +75,15 @@ sections:
<div>
</div>
"
- title: November 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 14393.3274<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519998' target='_blank'>KB4519998</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
</table>
"
- title: September 2019
- items:
- type: markdown

10
windows/release-information/status-windows-10-1709.yml
View File

@ -60,6 +60,7 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 16299.1451<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
<tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 16299.1387<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516066' target='_blank'>KB4516066</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>October 29, 2019 <br>05:15 PM PT</td></tr>
<tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 16299.1392<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522012' target='_blank'>KB4522012</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='193msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#193msgdesc'>See details ></a></td><td>OS Build 16299.904<br><br>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480978' target='_blank'>KB4480978</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
@ -73,6 +74,15 @@ sections:
<div>
</div>
"
- title: November 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 16299.1451<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520004' target='_blank'>KB4520004</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
</table>
"
- title: October 2019
- items:
- type: markdown

10
windows/release-information/status-windows-10-1803.yml
View File

@ -64,6 +64,7 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 17134.1069<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520008' target='_blank'>KB4520008</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
<tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17134.1006<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4516058' target='_blank'>KB4516058</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>October 29, 2019 <br>05:15 PM PT</td></tr>
<tr><td><div id='330msg'></div><b>Windows Mixed Reality Portal users may intermittently receive a 15-5 error code</b><br>You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not wake up from sleep.<br><br><a href = '#330msgdesc'>See details ></a></td><td>OS Build 17134.950<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512501' target='_blank'>KB4512501</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519978' target='_blank'>KB4519978</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='244msg'></div><b>Startup to a black screen after installing updates</b><br>Your device may startup to a black screen during the first logon after installing updates.<br><br><a href = '#244msgdesc'>See details ></a></td><td>OS Build 17134.829<br><br>June 11, 2019<br><a href ='https://support.microsoft.com/help/4503286' target='_blank'>KB4503286</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519978' target='_blank'>KB4519978</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
@ -79,6 +80,15 @@ sections:
<div>
</div>
"
- title: November 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 17134.1069<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520008' target='_blank'>KB4520008</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
</table>
"
- title: October 2019
- items:
- type: markdown

10
windows/release-information/status-windows-10-1809-and-windows-server-2019.yml
View File

@ -64,6 +64,7 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 17763.805<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519338' target='_blank'>KB4519338</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
<tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 17763.737<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4512578' target='_blank'>KB4512578</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>October 29, 2019 <br>05:15 PM PT</td></tr>
<tr><td><div id='360msg'></div><b>Microsoft Defender Advanced Threat Protection might stop running</b><br>The Microsoft Defender ATP service might stop running and might fail to send reporting data.<br><br><a href = '#360msgdesc'>See details ></a></td><td>OS Build 17763.832<br><br>October 15, 2019<br><a href ='https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>October 18, 2019 <br>04:23 PM PT</td></tr>
<tr><td><div id='330msg'></div><b>Windows Mixed Reality Portal users may intermittently receive a 15-5 error code</b><br>You may receive a 15-5 error code in Windows Mixed Reality Portal and your headset may not wake up from sleep.<br><br><a href = '#330msgdesc'>See details ></a></td><td>OS Build 17763.678<br><br>August 13, 2019<br><a href ='https://support.microsoft.com/help/4511553' target='_blank'>KB4511553</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520062' target='_blank'>KB4520062</a></td><td>October 15, 2019 <br>10:00 AM PT</td></tr>
@ -81,6 +82,15 @@ sections:
<div>
</div>
"
- title: November 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 17763.805<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519338' target='_blank'>KB4519338</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
</table>
"
- title: October 2019
- items:
- type: markdown

14
windows/release-information/status-windows-10-1903.yml
View File

@ -64,6 +64,7 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>OS Build 18362.418<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
<tr><td><div id='348msg'></div><b>Unable to create local users in Chinese, Japanese and Korean during device setup</b><br>You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE.<br><br><a href = '#348msgdesc'>See details ></a></td><td>OS Build 18362.356<br><br>September 10, 2019<br><a href ='https://support.microsoft.com/help/4515384' target='_blank'>KB4515384</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>October 29, 2019 <br>05:15 PM PT</td></tr>
<tr><td><div id='229msg'></div><b>Cannot launch Camera app </b><br>Microsoft and Intel have identified an issue affecting Intel RealSense SR300 or Intel RealSense S200 camera apps.<br><br><a href = '#229msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4501375' target='_blank'>KB4501375</a></td><td>June 27, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='358msg'></div><b>Unable to discover or connect to Bluetooth devices using some Qualcomm adapters</b><br>Microsoft has identified compatibility issues with some versions of Qualcomm Bluetooth radio drivers.<br><br><a href = '#358msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 20, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
@ -73,7 +74,7 @@ sections:
<tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>OS Build 18362.357<br><br>September 23, 2019<br><a href ='https://support.microsoft.com/help/4522016' target='_blank'>KB4522016</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='317msg'></div><b>Updates may fail to install and you may receive Error 0x80073701</b><br>Installation of updates may fail and you may receive error code 0x80073701.<br><br><a href = '#317msgdesc'>See details ></a></td><td>OS Build 18362.145<br><br>May 29, 2019<br><a href ='https://support.microsoft.com/help/4497935' target='_blank'>KB4497935</a></td><td>Investigating<br><a href = '' target='_blank'></a></td><td>August 16, 2019 <br>04:28 PM PT</td></tr>
<tr><td><div id='231msg'></div><b>Intermittent loss of Wi-Fi connectivity</b><br>Some older devices may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. <br><br><a href = '#231msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated External<br></td><td>August 01, 2019 <br>08:44 PM PT</td></tr>
<tr><td><div id='226msg'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><br>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.<br><br><a href = '#226msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 01, 2019 <br>06:27 PM PT</td></tr>
<tr><td><div id='226msg'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><br>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.<br><br><a href = '#226msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>August 01, 2019 <br>06:27 PM PT</td></tr>
<tr><td><div id='228msg'></div><b>Intel Audio displays an intcdaud.sys notification</b><br>Devices with a range of Intel Display Audio device drivers may experience battery drain.<br><br><a href = '#228msgdesc'>See details ></a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 21, 2019 <br>04:47 PM PT</td></tr>
</table>
"
@ -85,6 +86,15 @@ sections:
<div>
</div>
"
- title: November 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>OS Build 18362.418<br><br>October 08, 2019<br><a href ='https://support.microsoft.com/help/4517389' target='_blank'>KB4517389</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
</table>
"
- title: October 2019
- items:
- type: markdown
@ -131,7 +141,7 @@ sections:
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='229msgdesc'></div><b>Cannot launch Camera app </b><div>Microsoft and Intel have identified an issue affecting Intel RealSense SR300 and Intel RealSense S200 cameras when using the Camera app. After updating to the Windows 10 May 2019 Update and launching the Camera app, you may get an error message stating:</div><div class=\"ql-indent-1\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\"Close other apps, error code: 0XA00F4243.”</div><div><br></div><div>To safeguard your update experience, we have applied a protective hold on machines with Intel RealSense SR300 or Intel RealSense S200 cameras installed from being offered Windows 10, version 1903, until&nbsp;this issue is resolved.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Resolution:&nbsp;</strong>This issue was resolved in&nbsp;<a href='https://support.microsoft.com/help/4501375' target='_blank'>KB4501375</a> and the safeguard hold has been removed.</div><br><a href ='#229msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4501375' target='_blank'>KB4501375</a></td><td>Resolved:<br>June 27, 2019 <br>10:00 AM PT<br><br>Opened:<br>May 21, 2019 <br>07:20 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='225msgdesc'></div><b>Unable to discover or connect to Bluetooth devices using some Realtek adapters</b><div>Microsoft has identified compatibility issues with some driver versions for Bluetooth radios made by Realtek. To safeguard your update experience, we have applied a compatibility hold on devices with affected driver versions for Realtek Bluetooth radios from being offered Windows 10, version 1903 or Windows Server, version 1903 until the driver has been updated.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li><li>Server: Windows Server, version 1903</li></ul><div></div><div><strong>Workaround: </strong>Check with your device manufacturer (OEM) to see if an updated driver is available and install it. You will need to install a Realtek driver version greater than 1.5.1011.0.</div><div><br></div><div><strong>Note</strong> Until an updated driver has been installed, we recommend you do not attempt to manually update using the<strong> Update now </strong>button or the Media Creation Tool.&nbsp;</div><div><br></div><div><strong>Next steps:&nbsp;</strong>Microsoft is working with Realtek to release new drivers for all affected system via Windows Update.</div><div><br></div><div><strong>October 25, 2019 note</strong> This issue was previously grouped with the Qualcomm radio issue, which is now resolved. There is no change to this issue except to remove reference to Qualcomm.</div><br><a href ='#225msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>October 25, 2019 <br>04:21 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:29 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='231msgdesc'></div><b>Intermittent loss of Wi-Fi connectivity</b><div>Some older computers may experience loss of Wi-Fi connectivity due to an outdated Qualcomm driver. An updated Wi-Fi driver should be available from your device manufacturer (OEM).</div><div><br></div><div>To safeguard your upgrade experience, we have applied a hold on devices with this Qualcomm driver from being offered Windows 10, version 1903, until&nbsp;the updated driver is installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Workaround: </strong>Before updating to Windows 10, version 1903, you will need to download and install an updated Wi-Fi driver from your device manufacturer (OEM).</div><div>&nbsp;</div><div><strong>Note</strong> We recommend that you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until a new driver has been installed and the Windows 10, version 1903 feature update has been automatically offered to you.</div><br><a href ='#231msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated External<br></td><td>Last updated:<br>August 01, 2019 <br>08:44 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:13 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='226msgdesc'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><div>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.</div><div><br></div><div>Microsoft has identified some scenarios in which these features may have issues or stop working, for example:</div><ul><li>Connecting to (or disconnecting from) an external monitor, dock, or projector</li><li>Rotating the screen</li><li>Updating display drivers or making other display mode changes</li><li>Closing full screen applications</li><li>Applying custom color profiles</li><li>Running applications that rely on custom gamma ramps</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Workaround: </strong>If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer.&nbsp;For other color setting issues, restart your computer to correct the issue.</div><div><br></div><div><strong>Note </strong>We recommend that you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until this issue has been resolved.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#226msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>August 01, 2019 <br>06:27 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:28 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='226msgdesc'></div><b>Gamma ramps, color profiles, and night light settings do not apply in some cases</b><div>Microsoft has identified some scenarios where gamma ramps, color profiles and night light settings may stop working.</div><div><br></div><div>Microsoft has identified some scenarios in which these features may have issues or stop working, for example:</div><ul><li>Connecting to (or disconnecting from) an external monitor, dock, or projector</li><li>Rotating the screen</li><li>Updating display drivers or making other display mode changes</li><li>Closing full screen applications</li><li>Applying custom color profiles</li><li>Running applications that rely on custom gamma ramps</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903</li></ul><div></div><div><strong>Workaround: </strong>If you find that your night light has stopped working, try turning the night light off and on, or restarting your computer.&nbsp;For other color setting issues, restart your computer to correct the issue.</div><div><br></div><div><strong>Note </strong>We recommend that you do not attempt to manually update using the <strong>Update now</strong> button or the Media Creation Tool until this issue has been resolved.</div><div><br></div><div><strong>Next steps: </strong>We are working on a resolution and will provide an update in an upcoming release.</div><br><a href ='#226msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = 'https://support.microsoft.com/help/4505903' target='_blank'>KB4505903</a></td><td>Last updated:<br>August 01, 2019 <br>06:27 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:28 AM PT</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='228msgdesc'></div><b>Intel Audio displays an intcdaud.sys notification</b><div>Microsoft and Intel have identified an issue with a range of Intel Display Audio device drivers that may result in higher than normal battery drain.&nbsp;If you see an <strong>intcdaud.sys</strong> notification or “What needs your attention” notification when trying to update to Windows 10, version 1903, you have an affected Intel Audio Display device driver installed on your machine (intcdaud.sys, versions 10.25.0.3 through 10.25.0.8).</div><div>&nbsp;&nbsp;</div><div>To safeguard your update experience, we have applied a compatibility hold on devices with drivers from being offered Windows 10, version 1903 until&nbsp;updated device drivers have been installed.</div><div><br></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809</li></ul><div></div><div><strong>Workaround:</strong></div><div>On the “What needs your attention\" notification, click the <strong>Back </strong>button to remain on your current version of Windows 10. (Do not click <strong>Confirm</strong> as this will proceed with the update and you may experience compatibility issues.)&nbsp;Affected devices will automatically revert to the previous working configuration.</div><div><br></div><div>For more information, see <a href=\"https://www.intel.com/content/www/us/en/support/articles/000030792/graphics-drivers.html\" target=\"_blank\" style=\"\">Intel's customer support guidance</a> and the Microsoft knowledge base article <a href=\"https://support.microsoft.com/help/4465877\" target=\"_blank\" style=\"\">KB4465877</a>.</div><div><br></div><div><strong>Note</strong> We recommend you do not attempt to update your devices until newer device drivers are installed.</div><div><br></div><div><strong>Next steps: </strong>You can opt to wait for newer drivers to be installed automatically through Windows Update or check with the computer manufacturer for the latest device driver software availability and installation procedures.</div><br><a href ='#228msg'>Back to top</a></td><td>OS Build 18362.116<br><br>May 21, 2019<br><a href ='https://support.microsoft.com/help/4505057' target='_blank'>KB4505057</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>Last updated:<br>May 21, 2019 <br>04:47 PM PT<br><br>Opened:<br>May 21, 2019 <br>07:22 AM PT</td></tr>
</table>
"

10
windows/release-information/status-windows-7-and-windows-server-2008-r2-sp1.yml
View File

@ -60,6 +60,7 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
<tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516048' target='_blank'>KB4516048</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='310msg'></div><b>IA64 and x64 devices may fail to start after installing updates</b><br>After installing updates released on or after August 13, 2019, IA64 and x64 devices using EFI Boot may fail to start.<br><br><a href = '#310msgdesc'>See details ></a></td><td>August 13, 2019<br><a href ='https://support.microsoft.com/help/4512506' target='_blank'>KB4512506</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>August 17, 2019 <br>12:59 PM PT</td></tr>
</table>
@ -72,6 +73,15 @@ sections:
<div>
</div>
"
- title: November 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4519976' target='_blank'>KB4519976</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
</table>
"
- title: September 2019
- items:
- type: markdown

10
windows/release-information/status-windows-8.1-and-windows-server-2012-r2.yml
View File

@ -60,6 +60,7 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520005' target='_blank'>KB4520005</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
<tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516041' target='_blank'>KB4516041</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520005' target='_blank'>KB4520005</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='217msg'></div><b>Japanese IME doesn't show the new Japanese Era name as a text input option</b><br>With previous dictionary updates installed, the Japanese IME doesn't show the new Japanese Era name as an input option.<br><br><a href = '#217msgdesc'>See details ></a></td><td>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493443' target='_blank'>KB4493443</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 15, 2019 <br>05:53 PM PT</td></tr>
<tr><td><div id='161msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#161msgdesc'>See details ></a></td><td>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480963' target='_blank'>KB4480963</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
@ -73,6 +74,15 @@ sections:
<div>
</div>
"
- title: November 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520005' target='_blank'>KB4520005</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
</table>
"
- title: September 2019
- items:
- type: markdown

10
windows/release-information/status-windows-server-2008-sp2.yml
View File

@ -60,6 +60,7 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
<tr><td><div id='327msg'></div><b>Issues manually installing updates by double-clicking the .msu file</b><br>You may encounter issues manually installing updates by double-clicking the .msu file and may receive an error.<br><br><a href = '#327msgdesc'>See details ></a></td><td>September 10, 2019<br><a href ='https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4474419' target='_blank'>KB4474419</a></td><td>September 23, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516030' target='_blank'>KB4516030</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
</table>
@ -72,6 +73,15 @@ sections:
<div>
</div>
"
- title: November 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520002' target='_blank'>KB4520002</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
</table>
"
- title: September 2019
- items:
- type: markdown

10
windows/release-information/status-windows-server-2012.yml
View File

@ -60,6 +60,7 @@ sections:
- type: markdown
text: "<div>This table offers a summary of current active issues and those issues that have been resolved in the last 30 days.</div><br>
<table border ='0'><tr><td width='65%'>Summary</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>Last updated</td></tr>
<tr><td><div id='364msg'></div><b>TLS connections might fail or timeout</b><br>Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption.<br><br><a href = '#364msgdesc'>See details ></a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520007' target='_blank'>KB4520007</a></td><td>Mitigated External<br></td><td>November 05, 2019 <br>03:36 PM PT</td></tr>
<tr><td><div id='351msg'></div><b>Intermittent issues when printing</b><br>The print spooler service may intermittently have issues completing a print job and results print job failure.<br><br><a href = '#351msgdesc'>See details ></a></td><td>September 24, 2019<br><a href ='https://support.microsoft.com/help/4516069' target='_blank'>KB4516069</a></td><td>Resolved<br><a href = 'https://support.microsoft.com/help/4520007' target='_blank'>KB4520007</a></td><td>October 08, 2019 <br>10:00 AM PT</td></tr>
<tr><td><div id='217msg'></div><b>Japanese IME doesn't show the new Japanese Era name as a text input option</b><br>With previous dictionary updates installed, the Japanese IME doesn't show the new Japanese Era name as an input option.<br><br><a href = '#217msgdesc'>See details ></a></td><td>April 25, 2019<br><a href ='https://support.microsoft.com/help/4493462' target='_blank'>KB4493462</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>May 15, 2019 <br>05:53 PM PT</td></tr>
<tr><td><div id='187msg'></div><b>Certain operations performed on a Cluster Shared Volume may fail</b><br>Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5).<br><br><a href = '#187msgdesc'>See details ></a></td><td>January 08, 2019<br><a href ='https://support.microsoft.com/help/4480975' target='_blank'>KB4480975</a></td><td>Mitigated<br><a href = '' target='_blank'></a></td><td>April 25, 2019 <br>02:00 PM PT</td></tr>
@ -73,6 +74,15 @@ sections:
<div>
</div>
"
- title: November 2019
- items:
- type: markdown
text: "
<table border ='0'><tr><td width='65%'>Details</td><td width='15%'>Originating update</td><td width='10%'>Status</td><td width='10%'>History</td></tr>
<tr><td style='border-left-width:1px;border-right-width:1px;border-bottom-width:1px;'><div id='364msgdesc'></div><b>TLS connections might fail or timeout</b><div>Updates for Windows released October 8, 2019 or later provide protections, tracked by <a href=\"https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1318\" rel=\"noopener noreferrer\" target=\"_blank\">CVE-2019-1318</a>, against an attack that could allow unauthorized access to information or data within TLS connections.&nbsp;This type of attack is known as a man-in-the-middle exploit.&nbsp;Windows might fail to connect to TLS clients and servers that do not support Extended Master Secret for resumption (<a href=\"https://tools.ietf.org/html/rfc7627\" rel=\"noopener noreferrer\" target=\"_blank\">RFC 7627</a>). Lack of RFC support might cause one or more of the following errors or logged events:</div><ul><li>\"The request was aborted: Could not create SSL/TLS secure Channel\"</li><li>SCHANNEL event 36887 is logged in the System event log with the description, \"A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.\"</li></ul><div></div><div><strong>Affected platforms:</strong></div><ul><li>Client: Windows 10, version 1903; Windows 10, version 1809; Windows 10 Enterprise LTSC 2019; Windows 10, version 1803; Windows 10, version 1709; Windows 10, version 1703; Windows 10 Enterprise LTSC 2016; Windows 10, version 1607; Windows 10 Enterprise LTSC 2015; Windows 8.1; Windows 7 SP1</li><li>Server: Windows Server, version 1903; Windows Server, version 1809; Windows Server 2019; Windows Server, version 1803; Windows Server, version 1709 ; Windows Server 2016; Windows Server 2012 R2; Windows Server 2012; Windows Server 2008 R2 SP1; Windows Server 2008 SP2</li></ul><div></div><div><br></div><div><strong>Next Steps: </strong>Connections between two devices running any supported version of Windows should not have this issue when fully updated.&nbsp;There is no update for Windows needed for this issue.&nbsp;These changes are required to address a security issue and security compliance. For information, see <a href=\"https://support.microsoft.com/help/4528489\" rel=\"noopener noreferrer\" target=\"_blank\">KB4528489</a>.</div><br><a href ='#364msg'>Back to top</a></td><td>October 08, 2019<br><a href ='https://support.microsoft.com/help/4520007' target='_blank'>KB4520007</a></td><td>Mitigated External<br></td><td>Last updated:<br>November 05, 2019 <br>03:36 PM PT<br><br>Opened:<br>November 05, 2019 <br>03:36 PM PT</td></tr>
</table>
"
- title: September 2019
- items:
- type: markdown

2
windows/security/identity-protection/access-control/active-directory-security-groups.md
View File

@ -112,7 +112,7 @@ The following table lists the three group scopes and more information about each
<p>Global groups from any domain in the same forest</p>
<p>Other Universal groups from any domain in the same forest</p></td>
<td><p>Can be converted to Domain Local scope</p>
<p>Can be converted to Global scope if the group does not contain any other Universal groups</p></td>
<p>Can be converted to Global scope if the group is not a member of any other Universal groups</p></td>
<td><p>On any domain in the same forest or trusting forests</p></td>
<td><p>Other Universal groups in the same forest</p>
<p>Domain Local groups in the same forest or trusting forests</p>

2
windows/security/identity-protection/hello-for-business/hello-hybrid-cert-trust-devreg.md
View File

@ -107,7 +107,7 @@ Federation server proxies are computers that run AD FS software that have been c
Use the [Setting of a Federation Proxy](https://docs.microsoft.com/windows-server/identity/ad-fs/deployment/checklist--setting-up-a-federation-server-proxy) checklist to configure AD FS proxy servers in your environment.
### Deploy Azure AD Connect
Next, you need to synchronize the on-premises Active Directory with Azure Active Directory. To do this, first review the [Integrating on-prem directories with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect) and [hardware and prerequisites](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect-prerequisites) needed and then [download the software](http://go.microsoft.com/fwlink/?LinkId=615771).
Next, you need to synchronize the on-premises Active Directory with Azure Active Directory. To do this, first review the [Integrating on-prem directories with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect) and [hardware and prerequisites](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect-prerequisites) needed and then [download the software](https://go.microsoft.com/fwlink/?LinkId=615771).
When you are ready to install, follow the **Configuring federation with AD FS** section of [Custom installation of Azure AD Connect](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect-get-started-custom). Select the **Federation with AD FS** option on the **User sign-in** page. At the **AD FS Farm** page, select the use an existing option and click **Next**.

2
windows/security/identity-protection/hello-for-business/hello-hybrid-cert-whfb-settings-pki.md
View File

@ -150,7 +150,7 @@ Sign-in a certificate authority or management workstations with _Domain Admin eq
Sign-in to an **AD FS Windows Server 2016** computer with _Enterprise Admin_ equivalent credentials.
1. Open an elevated command prompt.
2. Run `certutil -dsTemplate WHFBAuthentication msPKI-Private-Key-Flag +CTPRIVATEKEY_FLAG_HELLO_LOGON_KEY`
2. Run `certutil -dsTemplate WHFBAuthentication,msPKI-Private-Key-Flag,+CTPRIVATEKEY_FLAG_HELLO_LOGON_KEY`
> [!NOTE]
> If you gave your Windows Hello for Business Authentication certificate template a different name, then replace **WHFBAuthentication** in the above command with the name of your certificate template. It's important that you use the template name rather than the template display name. You can view the template name on the **General** tab of the certificate template using the Certificate Template management console (certtmpl.msc). Or, you can view the template name using the **Get-CATemplate** ADCS Administration Windows PowerShell cmdlet on our Windows Server 2012 or later certificate authority.

2
windows/security/identity-protection/hello-for-business/hello-hybrid-key-trust-dirsync.md
View File

@ -27,7 +27,7 @@ ms.reviewer:
You are ready to configure directory synchronization for your hybrid environment. Hybrid Windows Hello for Business deployment needs both a cloud and an on-premises identity to authenticate and access resources in the cloud or on-premises.
## Deploy Azure AD Connect
Next, you need to synchronize the on-premises Active Directory with Azure Active Directory. To do this, first review the [Integrating on-prem directories with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect) and [hardware and prerequisites](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect-prerequisites) needed and then [download the software](http://go.microsoft.com/fwlink/?LinkId=615771).
Next, you need to synchronize the on-premises Active Directory with Azure Active Directory. To do this, first review the [Integrating on-prem directories with Azure Active Directory](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect) and [hardware and prerequisites](https://docs.microsoft.com/azure/active-directory/connect/active-directory-aadconnect-prerequisites) needed and then [download the software](https://go.microsoft.com/fwlink/?LinkId=615771).
> [!NOTE]

2
windows/security/identity-protection/hello-for-business/microsoft-compatible-security-key.md
View File

@ -21,7 +21,7 @@ ms.reviewer:
> Some information relates to pre-released product that may change before it is commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.
Microsoft has been aligned with the [FIDO Alliance](https://fidoalliance.org/) with a mission to replace passwords with an easy to use, strong 2FA credential. We have been working with our partners to extensively test and deliver a seamless and secure authentication experience to end users.
Microsoft has been aligned with the [FIDO Alliance](https://fidoalliance.org/) with a mission to replace passwords with an easy to use, strong 2FA credential. We have been working with our partners to extensively test and deliver a seamless and secure authentication experience to end users. See [FIDO2 security keys features and providers](https://docs.microsoft.com/azure/active-directory/authentication/concept-authentication-passwordless#fido2-security-keys).
The [FIDO2 CTAP specification](https://fidoalliance.org/specs/fido-v2.0-id-20180227/fido-client-to-authenticator-protocol-v2.0-id-20180227.html) contains a few optional features and extensions which are crucial to provide that seamless and secure experience.

6
windows/security/information-protection/windows-information-protection/wip-learning.md
View File

@ -10,8 +10,8 @@ ms.mktglfcycl:
ms.sitesec: library
ms.pagetype: security
ms.localizationpriority: medium
author: stephow-MSFT
ms.author: stephow
author: LauraWi
ms.author: laurawi
manager: laurawi
audience: ITPro
ms.collection: M365-security-compliance
@ -33,7 +33,7 @@ In the **Website learning report**, you can view a summary of the devices that h
## Access the WIP Learning reports
1. Open the [Azure portal](http://portal.azure.com/).
1. Open the [Azure portal](https://portal.azure.com/).
1. Click **All services**, type **Intune** in the text box filter, and click the star to add it to **Favorites**.

36
windows/security/threat-protection/TOC.md
View File

@ -311,25 +311,23 @@
##### [Use the mpcmdrun.exe command line tool to manage next generation protection](windows-defender-antivirus/command-line-arguments-windows-defender-antivirus.md)
### [Microsoft Defender Advanced Threat Protection for Mac](windows-defender-antivirus/microsoft-defender-atp-mac.md)
#### [What's New in Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md)
#### [Deploy Microsoft Defender Advanced Threat Protection for Mac]()
##### [Microsoft Intune-based deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md)
##### [JAMF-based deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md)
##### [Deployment with a different Mobile Device Management (MDM) system](windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md)
##### [Manual deployment](windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md)
#### [Update Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-updates.md)
#### [Configure Microsoft Defender ATP for Mac]()
##### [Configure and validate exclusions](windows-defender-antivirus/microsoft-defender-atp-mac-exclusions.md)
##### [Set preferences for Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md)
##### [Detect and block Potentially Unwanted Applications](windows-defender-antivirus/microsoft-defender-atp-mac-pua.md)
#### [Troubleshoot Microsoft Defender ATP for Mac]()
##### [Troubleshoot performance issues](windows-defender-antivirus/microsoft-defender-atp-mac-support-perf.md)
##### [Troubleshoot kernel extension issues](windows-defender-antivirus/microsoft-defender-atp-mac-support-kext.md)
#### [Privacy for Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md)
#### [Resources for Microsoft Defender ATP for Mac](windows-defender-antivirus/microsoft-defender-atp-mac-resources.md)
### [Microsoft Defender Advanced Threat Protection for Mac](microsoft-defender-atp/microsoft-defender-atp-mac.md)
#### [What's New](microsoft-defender-atp/mac-whatsnew.md)
#### [Deploy]()
##### [Microsoft Intune-based deployment](microsoft-defender-atp/mac-install-with-intune.md)
##### [JAMF-based deployment](microsoft-defender-atp/mac-install-with-jamf.md)
##### [Deployment with a different Mobile Device Management (MDM) system](microsoft-defender-atp/mac-install-with-other-mdm.md)
##### [Manual deployment](microsoft-defender-atp/mac-install-manually.md)
#### [Update](microsoft-defender-atp/mac-updates.md)
#### [Configure]()
##### [Configure and validate exclusions](microsoft-defender-atp/mac-exclusions.md)
##### [Set preferences](microsoft-defender-atp/mac-preferences.md)
##### [Detect and block Potentially Unwanted Applications](microsoft-defender-atp/mac-pua.md)
#### [Troubleshoot]()
##### [Troubleshoot performance issues](microsoft-defender-atp/mac-support-perf.md)
##### [Troubleshoot kernel extension issues](microsoft-defender-atp/mac-support-kext.md)
#### [Privacy](microsoft-defender-atp/mac-privacy.md)
#### [Resources](microsoft-defender-atp/mac-resources.md)
### [Configure Secure score dashboard security controls](microsoft-defender-atp/secure-score-dashboard.md)

4
windows/security/threat-protection/auditing/event-4738.md
View File

@ -196,7 +196,7 @@ Typical **Primary Group** values for user accounts:
- **New UAC Value** \[Type = UnicodeString\]: specifies flags that control password, lockout, disable/enable, script, and other behavior for the user account. If the value of **userAccountControl** attribute of user object was changed, you will see the new value here.
To decode this value, you can go through the property value definitions in the “Table 7. Users or Computers account UAC flags.” from largest to smallest. Compare each property value to the flags value in the event. If the flags value in the event is greater than or equal to the property value, then the property is "set" and applies to that event. Subtract the property value from the flags value in the event and note that the flag applies and then go on to the next flag.
To decode this value, you can go through the property value definitions in the [Users or Computers account UAC flags.](https://support.microsoft.com/help/305144/how-to-use-useraccountcontrol-to-manipulate-user-account-properties) from largest to smallest. Compare each property value to the flags value in the event. If the flags value in the event is greater than or equal to the property value, then the property is "set" and applies to that event. Subtract the property value from the flags value in the event and note that the flag applies and then go on to the next flag.
Here's an example: Flags value from event: 0x15
@ -226,7 +226,7 @@ Decoding:
So this UAC flags value decodes to: LOCKOUT and SCRIPT
- **User Account Control** \[Type = UnicodeString\]**:** shows the list of changes in **userAccountControl** attribute. You will see a line of text for each change. See possible values in here: “Table 7. Users or Computers account UAC flags.”. In the “User Account Control field text” column, you can see the text that will be displayed in the **User Account Control** field in 4738 event.
- **User Account Control** \[Type = UnicodeString\]**:** shows the list of changes in **userAccountControl** attribute. You will see a line of text for each change. See possible values in here: [Users or Computers account UAC flags](https://support.microsoft.com/help/305144/how-to-use-useraccountcontrol-to-manipulate-user-account-properties). In the “User Account Control field text” column, you can see the text that will be displayed in the **User Account Control** field in 4738 event.
- **User Parameters** \[Type = UnicodeString\]: if you change any setting using Active Directory Users and Computers management console in Dial-in tab of users account properties, then you will see **&lt;value changed, but not displayed&gt;** in this field. For local accounts, this field is not applicable and always has “&lt;value not set&gt;“ value.

507
windows/security/threat-protection/fips-140-validation.md
View File

@ -9,234 +9,211 @@ manager: dansimp
ms.collection: M365-identity-device-management
ms.topic: article
ms.localizationpriority: medium
ms.date: 04/03/2018
ms.date: 11/05/2019
ms.reviewer:
---
# FIPS 140-2 Validation
# FIPS 140 Validation
## FIPS 140-2 standard overview
On this page
The Federal Information Processing Standard (FIPS) Publication 140-2 is a U.S. government standard that defines minimum security requirements for cryptographic modules in information technology products, as defined in Section 5131 of the Information Technology Management Reform Act of 1996.
- [Introduction](https://technet.microsoft.com/library/cc750357.aspx#id0eo)
- [FIPS 140 Overview](https://technet.microsoft.com/library/cc750357.aspx#id0ebd)
- [Microsoft Product Validation (Information for Procurement Officers and Auditors)](https://technet.microsoft.com/library/cc750357.aspx#id0ezd)
- [Information for System Integrators](https://technet.microsoft.com/library/cc750357.aspx#id0eve)
- [Information for Software Developers](https://technet.microsoft.com/library/cc750357.aspx#id0eibac)
- [FIPS 140 FAQ](https://technet.microsoft.com/library/cc750357.aspx#id0eqcac)
- [Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/library/cc750357.aspx#id0ewfac)
- [Cryptographic Algorithms](https://technet.microsoft.com/library/cc750357.aspx#id0erobg)
The [Cryptographic Module Validation Program (CMVP)](https://csrc.nist.gov/Projects/cryptographic-module-validation-program), a joint effort of the U.S. National Institute of Standards and Technology (NIST) and the Canadian Centre for Cyber Security (CCCS), validates cryptographic modules against the Security Requirements for Cryptographic Modules (part of FIPS 140-2) and related FIPS cryptography standards. The FIPS 140-2 security requirements cover eleven areas related to the design and implementation of a cryptographic module. The NIST Information Technology Laboratory operates a related program that validates the FIPS approved cryptographic algorithms in the module.
Updated: March 2018
## Microsofts approach to FIPS 140-2 validation
Microsoft maintains an active commitment to meeting the requirements of the FIPS 140-2 standard, having validated cryptographic modules against it since the inception of the standard in 2001. Microsoft validates its cryptographic modules under the NIST CMVP, as described above. Multiple Microsoft products, including Windows 10, Windows Server, and many cloud services, use these cryptographic modules.
## Using Windows in a FIPS 140-2 approved mode of operation
## Introduction
Windows 10 and Windows server may be configured to run in a FIPS 140-2 approved mode of operation. This is commonly referred to as “FIPS mode.” Achieving this mode of operation requires administrators to complete all four steps outlined below.
This document provides information on how Microsoft products and cryptographic modules comply with the U.S. Federal government standard, *Federal Information Processing Standard (FIPS) 140 Security Requirements for Cryptographic Modules* \[FIPS 140\].
### Step 1: Ensure FIPS 140-2 validated cryptographic modules are installed
### Audience
Administrators must ensure that all cryptographic modules installed are FIPS 140-2 validated. This is accomplished by cross-checking the version number of the cryptographic module with the table of validated modules at the end of this topic, organized by operating system release.
This document is primarily focused on providing information for three parties:
### Step 2: Ensure all security policies for all cryptographic modules are followed
[Procurement Officer](https://technet.microsoft.com/library/cc750357.aspx#_microsoft_product_validation) Responsible for verifying that Microsoft products (or even third-party applications) are either FIPS 140 validated or utilize a Microsoft FIPS 140 validated cryptographic module.
Each of the cryptographic modules has a defined security policy that must be met for the module to operate in its FIPS 140-2 approved mode. The security policy may be found in each modules published Security Policy Document (SPD). The SPDs for each module may be found by following the links in the table of validated modules at the end of this topic. Click on the module version number to view the published SPD for the module.
[System Integrator](https://technet.microsoft.com/library/cc750357.aspx#_information_for_system) Responsible for ensuring that Microsoft Products are configured properly to use only FIPS 140 validated cryptographic modules.
### Step 3: Enable the FIPS security policy
[Software Developer](https://technet.microsoft.com/library/cc750357.aspx#_information_for_software) Responsible for building software products that utilize Microsoft FIPS 140 validated cryptographic modules.
Windows provides the security policy setting, “System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing,” which is used by some Microsoft products to determine whether to operate in a FIPS 140-2 approved mode. When this policy is enabled, the validated cryptographic modules in Windows will also operate in FIPS approved mode. The policy may be set using Local Security Policy, as part of Group Policy, or through a Modern Device Management (MDM) solution. For more information on the policy, see [System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing](https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/system-cryptography-use-fips-compliant-algorithms-for-encryption-hashing-and-signing).
### Document Map
### Step 4: Ensure only FIPS validated cryptographic algorithms are used
This document is broken into seven major sections:
Neither the operating system nor the cryptographic modules can enforce a FIPS approved mode of operation, regardless of the FIPS security policy setting. To run in a FIPS approved mode, an application or service must check for the policy flag and enforce the security policies of the validated modules. If an application or service uses a non-approved cryptographic algorithm or does not follow the security policies of the validated modules, it is not operating in a FIPS approved mode.
[FIPS 140 Overview](https://technet.microsoft.com/library/cc750357.aspx#_fips_140_overview) Provides an overview of the FIPS 140 standard as well as provides some historical information about the standard.
## Frequently asked questions
[Microsoft Product Validation (Information for Procurement Officers and Auditors)](https://technet.microsoft.com/library/cc750357.aspx#_microsoft_product_validation) Provides information on how Microsoft products are FIPS 140 validated.
### How long does it take to certify cryptographic modules?
[Information for System Integrators](https://technet.microsoft.com/library/cc750357.aspx#_information_for_system) Describes how to configure and verify that Microsoft Products are being used in a manner consistent with the products FIPS 140 Security Policy.
Microsoft begins certification of cryptographic modules after each major feature release of Windows 10 and Windows Server. The duration of each evaluation varies, depending on many factors.
[Information for Software Developers](https://technet.microsoft.com/library/cc750357.aspx#_information_for_software) Identifies how developers can leverage the Microsoft FIPS 140 validated cryptographic modules.
### When does Microsoft undertake a FIPS 140 validation?
[FAQ](https://technet.microsoft.com/library/cc750357.aspx#_fips_140_faq) Frequently Asked Questions.
The cadence for starting module validation aligns with the feature updates of Windows 10 and Windows Server. As the software industry evolves, operating systems release more frequently. Microsoft completes validation work on major releases but, in between releases, seeks to minimize the changes to the cryptographic modules.
[Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/library/cc750357.aspx#_microsoft_fips_140) Explains Microsoft cryptographic architecture and identifies specific modules that are FIPS 140 validated.
### What is the difference between “FIPS 140 validated” and “FIPS 140 compliant”?
[Cryptographic Algorithms](https://technet.microsoft.com/library/cc750357.aspx#_cryptographic_algorithms) Lists the cryptographic algorithm, modes, states, key sizes, Windows versions, and corresponding cryptographic algorithm validation certificates.
“FIPS 140 validated” means that the cryptographic module, or a product that embeds the module, has been validated (“certified”) by the CMVP as meeting as meeting the FIPS 140-2 requirements. “FIPS 140 compliant” is an industry term for IT products that rely on FIPS 140 validated products for cryptographic functionality.
## FIPS 140 Overview
### I need to know if a Windows service or application is FIPS 140-2 validated.
### FIPS 140 Standard
The cryptographic modules leveraged in Windows are validated through the CMVP, not individual services, applications, hardware peripherals, or other solutions. For a solution to be considered compliant, it must call a FIPS 140-2 validated cryptographic module in the underlying OS and the OS must be configured to run in FIPS mode. Contact the vendor of the service, application, or product for information on whether it calls a validated cryptographic module.
FIPS 140 is a US government and Canadian government standard that defines a minimum set of the security requirements for products that implement cryptography. This standard is designed for cryptographic modules that are used to secure sensitive but unclassified information. Testing against the FIPS 140 standard is maintained by the Cryptographic Module Validation Program (CMVP), a joint effort between the US National Institute of Standards and Technology (NIST) and the Communications Security Establishment of Canada (CSEC).
### What does "When operated in FIPS mode" mean on a certificate?
The current standard defines four-levels of increasing security, 1 through 4. Most software products (including all Microsoft products) are tested against the Level 1 security requirements.
This caveat identifies required configuration and security rules that must be followed to use the cryptographic module in a way that is consistent with its FIPS 140-2 security policy. Each module has its own security policy—a precise specification of the security rules under which it will operate—and employs approved cryptographic algorithms, cryptographic key management, and authentication techniques. The security rules are defined in the Security Policy Document (SPD) for each module.
### Applicability of the FIPS standard
### What is the relationship between FIPS 140-2 and Common Criteria?
Within the US Federal government, the FIPS 140 standard applies to any security system (whether hardware, firmware, software, or a combination thereof) to be used by agencies for protecting sensitive but unclassified information. Some agencies have expanded its use by requiring that the modules to be procured for secret systems also meet the FIPS 140 requirements.
These are two separate security standards with different, but complementary, purposes. FIPS 140-2 is designed specifically for validating software and hardware cryptographic modules, while Common Criteria is designed to evaluate security functions in IT software and hardware products. Common Criteria evaluations often rely on FIPS 140-2 validations to provide assurance that basic cryptographic functionality is implemented properly.
The FIPS 140 standard has also been used by different standards bodies, specification groups, nations, and private institutions as a requirement or guideline for those products (e.g. Digital Cinema Systems Specification).
### How does FIPS 140 relate to Suite B?
### History of 140-1
Suite B is a set of cryptographic algorithms defined by the U.S. National Security Agency (NSA) as part of its Cryptographic Modernization Program. The set of Suite B cryptographic algorithms are to be used for both unclassified information and most classified information. The Suite B cryptographic algorithms are a subset of the FIPS Approved cryptographic algorithms as allowed by the FIPS 140-2 standard.
FIPS 140-1 is the original working version of the standard made official on January 11, 1994. The standard remained in effect until FIPS 140-2 became mandatory for new products on May 25, 2002.
### FIPS 140-2
FIPS 140-2 is currently the active version of the standard.
### Microsoft FIPS Support Policy
Microsoft actively maintains FIPS 140 validation for its cryptographic modules.
### FIPS Mode of Operation
The common term “FIPS mode” is used in this document and Security Policy documents. When a cryptographic module contains both FIPS-approved and non-FIPS approved security methods, it must have a "FIPS mode of operation" to ensure only FIPS-approved security methods may be used. When a module is in "FIPS mode", a non-FIPS approved method cannot be used instead of a FIPS-approved method.
## Microsoft Product Validation (Information for Procurement Officers and Auditors)
This section provides information for Procurement Officers and Auditors who are responsible for ensuring that Microsoft products with FIPS 140 validated cryptographic modules are used in their organization. The goal of this section is to provide an overview of the Microsoft developed products and modules and explain how the validated cryptographic modules are used.
### Microsoft Product Relationship with CNG and CAPI libraries
Rather than validate individual components and products, Microsoft chooses to validate only the underlying cryptographic modules. Subsequently, many Windows components and Microsoft products are built to rely on the Cryptographic API: Next Generation (CNG) and legacy Cryptographic API (CAPI) FIPS 140 validated cryptographic modules. Windows components and Microsoft products use the documented application programming interfaces (APIs) for each of the modules to access various cryptographic services.
The following list contains some of the Windows components and Microsoft products that rely on FIPS 140 validated cryptographic modules:
- Schannel Security Package
- Remote Desktop Protocol (RDP) Client
- Encrypting File System (EFS)
- Some Microsoft .NET Framework Applications (.NET also provides cryptographic algorithm implementations that have not been FIPS 140 validated.)
- BitLocker® Drive Full-volume Encryption
- IPsec Settings of Windows Firewall
- Server Message Block (SMB) 3.x
## Information for System Integrators
This section provides information for System Integrators and Auditors who are responsible for deploying Microsoft products in a manner consistent with the products FIPS 140 Security Policy.
There are two steps to ensure that Microsoft products operate in FIPS mode:
1. Selecting/Installing FIPS 140 validated cryptographic modules
2. Setting FIPS local/group security policy flag.
### Step 1 Selecting/Installing FIPS 140 Validated Cryptographic Modules
Systems Integrators must ensure that all cryptographic modules installed are, in fact, FIPS 140 validated. This can be accomplished by cross-checking the version number of the installed module with the list of validated binaries. The list of validated CAPI binaries is identified in the [CAPI Validated Cryptographic Modules](https://technet.microsoft.com/library/cc750357.aspx#_capi_validated_cryptographic) section below and the list of validated CNG binaries is identified in the [CNG Validated Cryptographic Modules](https://technet.microsoft.com/library/cc750357.aspx#_cng_validated_cryptographic) section below. There are similar sections for all other validated cryptographic modules.
The version number of the installed binary is found by right-clicking the module file and clicking on the Version or Details tab. Cryptographic modules are stored in the "windows\\system32" or "windows\\system32\\drivers" directory.
### Step 2 Setting FIPS Local/Group Security Policy Flag
The Windows operating system provides a group (or local) security policy setting, “System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing”, which is used by many Microsoft products to determine whether to operate in a FIPS-approved mode. When this policy is set, the validated cryptographic modules in Windows will also operate in a FIPS-approved mode.
**Note** There is no enforcement of the FIPS policy by the operating system or the validated cryptographic modules. Instead, each individual application must check this flag and enforce the Security Policy of the validated cryptographic modules.
#### Instructions on Setting the FIPS Local/Group Security Policy Flag
While there are alternative methods for setting the FIPS local/group security policy flag, the following method is included as a guide to users with Administrative privileges. This description is for the Local Security Policy, but the Group Security Policy may be set in a similar manner.
1. Open the 'Run' menu by pressing the combination 'Windows Key + R'.
2. Type 'secpol.msc' and press 'Enter' or click the 'Ok' button.
3. In the Local Security Policy management console window that opens, use the left tab to navigate to the Local Policies -\&gt; Security Options.
4. Scroll down the right pane and double-click 'System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing'.
5. In the properties window, select the 'Enabled' option and click the 'Apply' button.
#### Microsoft Components and Products That Utilize FIPS Local/Group Security Policy
The following list details some of the Microsoft components that use the cryptographic functionality implemented by either CNG or legacy CAPI. When the FIPS Local/Group Security Policy is set, the following components will enforce the validated module Security Policy.
- Schannel Security Package
- Remote Desktop Protocol (RDP) Client
- Encrypting File System (EFS)
- Some Microsoft .NET Framework Applications (.NET also provides cryptographic algorithm implementations that have not been FIPS 140 validated.)
- BitLocker® Drive Full-volume Encryption
- IPsec Settings of Windows Firewall
#### Effects of Setting FIPS Local/Group Security Policy Flag
When setting the FIPS local/group security policy flag, the behavior of several Microsoft components and products are affected. The most noticeable difference will be that the components enforcing this setting will only use those algorithms approved or allowed in FIPS mode. The specific changes to the products listed above are:
- Schannel Security Package forced to negotiate sessions using TLS. The following supported Cipher Suites are disabled:
- - TLS\_RSA\_WITH\_RC4\_128\_SHA
- TLS\_RSA\_WITH\_RC4\_128\_MD5
- SSL\_CK\_RC4\_128\_WITH\_MD5
- SSL\_CK\_DES\_192\_EDE3\_CBC\_WITH\_MD5
- TLS\_RSA\_WITH\_NULL\_MD5
- TLS\_RSA\_WITH\_NULL\_SHA
- The set of cryptographic algorithms that a Remote Desktop Protocol (RDP) server will use is scoped to:
- - CALG\_RSA\_KEYX - RSA public key exchange algorithm
- CALG\_3DES - Triple DES encryption algorithm
- CALG\_AES\_128 - 128 bit AES
- CALG\_AES\_256 - 256 bit AES
- CALG\_SHA1 - SHA hashing algorithm
- CALG\_SHA\_256 - 256 bit SHA hashing algorithm
- CALG\_SHA\_384 - 384 bit SHA hashing algorithm
- CALG\_SHA\_512 - 512 bit SHA hashing algorithm
- Any Microsoft .NET Framework applications, such as Microsoft ASP.NET or Windows Communication Foundation (WCF), only allow algorithm implementations that are validated to FIPS 140, meaning only classes that end in "CryptoServiceProvider" or "Cng" can be used. Any attempt to create an instance of other cryptographic algorithm classes or create instances that use non-allowed algorithms will cause an InvalidOperationException exception.
- Verification of ClickOnce applications fails unless the client computer has .NET Framework 2.0 SP1 or later service pack installed or .NET Framework 3.5 or later installed.
- On Windows Vista and Windows Server 2008 and later, BitLocker Drive Encryption switches from AES-128 using the elephant diffuser to using the approved AES-256 encryption. Recovery passwords are not created or backed up. Instead, backup a recovery key on a local drive or on a network share. To use the recovery key, put the key on a USB device and plug the device into the computer.
Please be aware that selection of FIPS mode can limit product functionality (See <http://support.microsoft.com/kb/811833>).
## Information for Software Developers
This section is targeted at developers who wish to build their own applications using the FIPS 140 validated cryptographic modules.
Each of the validated cryptographic modules defines a series of rules that must be followed. The security rules for each validated cryptographic module are specified in the Security Policy document. Links to each of the Security Policy documents is provided in the [Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/library/cc750357.aspx#_microsoft_fips_140) section below. Generally, the restriction in Microsoft validated cryptographic modules is limiting the use of cryptography to only FIPS Approved cryptographic algorithms, modes, and key sizes.
### Using Microsoft Cryptographic Modules in a FIPS mode of operation
No matter whether developing with native languages or using .NET, it is important to first check whether the CNG modules for the target system are FIPS validated. The list of validated CNG binaries is identified in the [CNG Validated Cryptographic Modules](https://technet.microsoft.com/library/cc750357.aspx#_cng_validated_cryptographic) section.
When developing using CNG directly, it is the responsibility of the developer to follow the security rules outlined in the FIPS 140 Security Policy for each module. The security policy for each module is provided on the CMVP website. Links to each of the Security Policy documents is provided in the tables below. It is important to remember that setting the FIPS local/group security policy Flag (discussed above) does not affect the behavior of the modules when used for developing custom applications.
If you are developing your application using .NET instead of using the native libraries, then setting the FIPS local policy flag will generate an exception when an improper .NET class is used for cryptography (i.e. the cryptographic classes whose names end in "Managed"). The names of these allowed classes end with "Cng", which use the CNG binaries or "CryptoServiceProvider", which use the legacy CAPI binaries.
### Key Strengths and Validity Periods
NIST Special Publication 800-131A Revision 1, Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths, dated November 2015, \[[SP 800-131A](http://dx.doi.org/10.6028/nist.sp.800-131ar1)\], offers guidance for moving to stronger cryptographic keys and algorithms. This does not replace NIST SP 800-57, Recommendation for Key Management Part 1: General, \[[SP 800-57](http://csrc.nist.gov/publications/pubssps.html#800-57-part1)\], but gives more specific guidance. One of the most important topics discussed in these publications deals with the key strengths of FIPS Approved algorithms and their validity periods. When developing applications that use FIPS Approved algorithms, it is also extremely important to select appropriate key sizes based on the security lifetimes recommended by NIST.
## FIPS 140 FAQ
The following are answers to commonly asked questions for the FIPS 140-2 validation of Microsoft products.
1. How does FIPS 140 relate to the Common Criteria?
**Answer:** These are two separate security standards with different, but complementary, purposes. FIPS 140 is a standard designed specifically for validating product modules that implement cryptography. On the other hand, Common Criteria is designed to help evaluate security functions in IT products.
In many cases, Common Criteria evaluations will rely on FIPS 140 validations to provide assurance that cryptographic functionality is implemented properly.
2. How does FIPS 140 relate to Suite B?
**Answer:** Suite B is simply a set of cryptographic algorithms defined by the U.S. National Security Agency (NSA) as part of its Cryptographic Modernization Program. The set of Suite B cryptographic algorithms are to be used for both unclassified information and most classified information.
The Suite B cryptographic algorithms are a subset of the FIPS Approved cryptographic algorithms as allowed by the FIPS 140 standard.
3. There are so many modules listed on the NIST website for each release, how are they related and how do I tell which one applies to me?
**Answer:** Microsoft strives to validate all releases of its cryptographic modules. Each module provides a different set of cryptographic algorithms. If you are required to use only FIPS validated cryptographic modules, you simply need to verify that the version being used appears on the validation list.
Please see the [Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/library/cc750357.aspx#_microsoft_fips_140)section for a complete list of Microsoft validated modules.
4. My application links against crypt32.dll, cryptsp.dll, advapi32.dll, bcrypt.dll, bcryptprimitives.dll, or ncrypt.dll. What do I need to do to assure Im using FIPS 140 validated cryptographic modules?
**Answer:** crypt32.dll, cryptsp.dll, advapi32.dll, and ncrypt.dll are intermediary libraries that will offload all cryptographic operations to the FIPS validated cryptographic modules. Bcrypt.dll itself is a validated cryptographic module for Windows Vista and Windows Server 2008. For Windows 7 and Windows Server 2008 R2 and later, bcryptprimitives.dll is the validated module, but bcrypt.dll remains as one of the libraries to link against.
You must first verify that the underlying CNG cryptographic module is validated. Once verified, you'll need to confirm that you're using the module correctly in FIPS mode (See [Information for Software Developers](https://technet.microsoft.com/library/cc750357.aspx#_information_for_software) section for details).
5. What does "When operated in FIPS mode" mean on certificates?
**Answer:** This caveat identifies that a required configuration and security rules must be followed in order to use the cryptographic module in a manner consistent with its FIPS 140 Security Policy. The security rules are defined in the Security Policy for the module and usually revolve around using only FIPS Approved cryptographic algorithms and key sizes. Please see the Security Policy for the specific security rules for each cryptographic module (See [Microsoft FIPS 140 Validated Cryptographic Modules](https://technet.microsoft.com/library/cc750357.aspx#_microsoft_fips_140) section for links to each policy).
6. Which FIPS validated module is called when Windows 7 or Windows 8 is configured to use the FIPS setting in the wireless configuration?
**Answer:** CNG is used. This setting tells the wireless driver to call FIPS 140-2 validated cryptographic modules instead of using the drivers own cryptography, if any.
7. Is BitLocker to Go FIPS 140-2 validated?
**Answer:** There are two separate parts for BitLocker to Go. One part is simply a native feature of BitLocker and as such, it uses FIPS 140-2 validated cryptographic modules. The other part is the BitLocker to Go Reader application for down-level support of older operating systems such as Windows XP and Windows Vista. The Reader application does not use FIPS 140-2 validated cryptographic modules.
8. Are applications FIPS 140-2 validated?
**Answer:** Microsoft only has low-level cryptographic modules in Windows FIPS 140-2 validated, not high-level applications. A better question is whether a certain application calls a FIPS 140-2 validated cryptographic module in the underlying Windows OS. That question needs to be directed to the company/product group that created the application of interest.
9. How can Systems Center Operations Manager 2012 be configured to use FIPS 140-2 validated cryptographic modules?
**Answer:** See [https://technet.microsoft.com/library/hh914094.aspx](https://technet.microsoft.com/library/hh914094.aspx)
## Microsoft FIPS 140 Validated Cryptographic Modules
### Modules By Operating System
The following tables identify the Cryptographic Modules for an operating system.
#### Windows
## Microsoft FIPS 140-2 validated cryptographic modules
The following tables identify the cryptographic modules used in an operating system, organized by release.
## Modules used by Windows
##### Windows 10 Spring 2018 Update (Version 1803)
Validated Editions: Home, Pro, Enterprise, Education
<table>
<colgroup>
<col style="width: 25%" />
<col style="width: 25%" />
<col style="width: 25%" />
<col style="width: 25%" />
</colgroup>
<tbody>
<tr class="odd">
<td><strong>Cryptographic Module</strong></td>
<td><strong>Version (link to Security Policy)</strong></td>
<td><strong>FIPS Certificate #</strong></td>
<td><strong>Algorithms</strong></td>
</tr>
<tr class="even">
<td>Cryptographic Primitives Library</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197">#3197</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>Kernel Mode Cryptographic Primitives Library</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196">#3196</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Code Integrity</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195">#3195</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>Windows OS Loader</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3480">#3480</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Secure Kernel Code Integrity</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096">#3096</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>BitLocker Dump Filter</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092">#3092</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Boot Manager</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089">#3089</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
</tbody>
</table>
##### Windows 10 Fall Creators Update (Version 1709)
Validated Editions: Home, Pro, Enterprise, Education, S, Surface Hub, Mobile
<table>
<colgroup>
<col style="width: 25%" />
<col style="width: 25%" />
<col style="width: 25%" />
<col style="width: 25%" />
</colgroup>
<tbody>
<tr class="odd">
<td><strong>Cryptographic Module</strong></td>
<td><strong>Version (link to Security Policy)</strong></td>
<td><strong>FIPS Certificate #</strong></td>
<td><strong>Algorithms</strong></td>
</tr>
<tr class="even">
<td>Cryptographic Primitives Library</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197">#3197</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>Kernel Mode Cryptographic Primitives Library</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196">#3196</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Code Integrity</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195">#3195</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>Windows OS Loader</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3194">#3194</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Secure Kernel Code Integrity</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096">#3096</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>BitLocker Dump Filter</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092">#3092</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Windows Resume</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3091">#3091</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>Boot Manager</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089">#3089</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
</tbody>
</table>
##### Windows 10 Creators Update (Version 1703)
@ -1349,8 +1326,141 @@ Validated Editions: Ultimate Edition
</tbody>
</table>
## Modules used by Windows Server
#### Windows Server
##### Windows Server (Version 1803)
Validated Editions: Standard, Datacenter
<table>
<colgroup>
<col style="width: 25%" />
<col style="width: 25%" />
<col style="width: 25%" />
<col style="width: 25%" />
</colgroup>
<tbody>
<tr class="odd">
<td><strong>Cryptographic Module</strong></td>
<td><strong>Version (link to Security Policy)</strong></td>
<td><strong>FIPS Certificate #</strong></td>
<td><strong>Algorithms</strong></td>
</tr>
<tr class="even">
<td>Cryptographic Primitives Library</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197">#3197</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>Kernel Mode Cryptographic Primitives Library</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196">#3196</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Code Integrity</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195">#3195</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>Windows OS Loader</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3480.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3480">#3480</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Secure Kernel Code Integrity</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096">#3096</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>BitLocker Dump Filter</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092">#3092</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Boot Manager</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf">10.0.17134</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089">#3089</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
</tbody>
</table>
##### Windows Server (Version 1709)
Validated Editions: Standard, Datacenter
<table>
<colgroup>
<col style="width: 25%" />
<col style="width: 25%" />
<col style="width: 25%" />
<col style="width: 25%" />
</colgroup>
<tbody>
<tr class="odd">
<td><strong>Cryptographic Module</strong></td>
<td><strong>Version (link to Security Policy)</strong></td>
<td><strong>FIPS Certificate #</strong></td>
<td><strong>Algorithms</strong></td>
</tr>
<tr class="even">
<td>Cryptographic Primitives Library</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3197.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3197">#3197</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>Kernel Mode Cryptographic Primitives Library</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3196.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3196">#3196</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Code Integrity</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3195.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3195">#3195</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>Windows OS Loader</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3194.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3194">#3194</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Secure Kernel Code Integrity</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3096.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3096">#3096</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>BitLocker Dump Filter</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3092.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3092">#3092</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="even">
<td>Windows Resume</td>
<td><a href="https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3091.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3091">#3091</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
<tr class="odd">
<td>Boot Manager</td>
<td><a href="https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp3089.pdf">10.0.16299</a></td>
<td><a href="https://csrc.nist.gov/projects/cryptographic-module-validation-program/certificate/3089">#3089</a></td>
<td>See Security Policy and Certificate page for algorithm information</td>
</tr>
</tbody>
</table>
##### Windows Server 2016
@ -7082,10 +7192,3 @@ Version 6.3.9600</p></td>
\[[SP 800-57](http://csrc.nist.gov/publications/pubssps.html#800-57-part1)\] - Recommendation for Key Management Part 1: General (Revised)
\[[SP 800-131A](http://csrc.nist.gov/publications/nistpubs/800-131a/sp800-131a.pdf)\] - Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths
## Additional Microsoft References
Enabling FIPS mode - <http://support.microsoft.com/kb/811833>
Cipher Suites in Schannel - [https://msdn.microsoft.com/library/aa374757(VS.85).aspx](https://msdn.microsoft.com/library/aa374757\(vs.85\).aspx)

14
windows/security/threat-protection/intelligence/safety-scanner-download.md
View File

@ -24,15 +24,17 @@ Microsoft Safety Scanner is a scan tool designed to find and remove malware from
- [Download Microsoft Safety Scanner (64-bit)](https://go.microsoft.com/fwlink/?LinkId=212732)
> [!NOTE]
> The security intelligence update version of the Microsoft Safety Scanner matches the version described [in this web page](https://www.microsoft.com/wdsi/definitions).
> Starting November 2019, Safety Scanner will be SHA-2 signed exclusively. Your devices must be updated to support SHA-2 in order to run Safety Scanner. To learn more, see [2019 SHA-2 Code Signing Support requirement for Windows and WSUS](https://support.microsoft.com/help/4472027/2019-sha-2-code-signing-support-requirement-for-windows-and-wsus).
Safety Scanner only scans when manually triggered and is available for use 10 days after being downloaded. We recommend that you always download the latest version of this tool before each scan.
## Important information
> [!NOTE]
> This tool does not replace your antimalware product. For real-time protection with automatic updates, use [Windows Defender Antivirus on Windows 10 and Windows 8](https://www.microsoft.com/windows/comprehensive-security) or [Microsoft Security Essentials on Windows 7](https://support.microsoft.com/help/14210/security-essentials-download). These antimalware products also provide powerful malware removal capabilities. If you are having difficulties removing malware with these products, you can refer to our help on [removing difficult threats](https://www.microsoft.com/wdsi/help/troubleshooting-infection).
- The security intelligence update version of the Microsoft Safety Scanner matches the version described [in this web page](https://www.microsoft.com/wdsi/definitions).
> [!NOTE]
> Safety scanner is a portable executable and does not appear in the Windows Start menu or as an icon on the desktop. Note where you saved this download.
- Safety Scanner only scans when manually triggered and is available for use 10 days after being downloaded. We recommend that you always download the latest version of this tool before each scan.
- Safety scanner is a portable executable and does not appear in the Windows Start menu or as an icon on the desktop. Note where you saved this download.
- This tool does not replace your antimalware product. For real-time protection with automatic updates, use [Windows Defender Antivirus on Windows 10 and Windows 8](https://www.microsoft.com/windows/comprehensive-security) or [Microsoft Security Essentials on Windows 7](https://support.microsoft.com/help/14210/security-essentials-download). These antimalware products also provide powerful malware removal capabilities. If you are having difficulties removing malware with these products, you can refer to our help on [removing difficult threats](https://www.microsoft.com/wdsi/help/troubleshooting-infection).
## System requirements

2
windows/security/threat-protection/microsoft-defender-atp/api-terms-of-use.md
View File

@ -33,7 +33,7 @@ API calls per connection | 100 | 60 seconds
Microsoft and any contributors grant you a license to the Microsoft documentation and other content in this repository under the Creative Commons Attribution 4.0 International Public License, see the LICENSE file.
Microsoft, Windows, Microsoft Azure and/or other Microsoft products and services referenced in the documentation may be either trademarks or registered trademarks of Microsoft in the United States and/or other countries. The licenses for this project do not grant you rights to use any Microsoft names, logos, or trademarks. Microsoft's general trademark guidelines can be found at http://go.microsoft.com/fwlink/?LinkID=254653.
Microsoft, Windows, Microsoft Azure and/or other Microsoft products and services referenced in the documentation may be either trademarks or registered trademarks of Microsoft in the United States and/or other countries. The licenses for this project do not grant you rights to use any Microsoft names, logos, or trademarks. Microsoft's general trademark guidelines can be found at https://go.microsoft.com/fwlink/?LinkID=254653.
Privacy information can be found at https://privacy.microsoft.com/en-us/
Microsoft and any contributors reserve all others rights, whether under their respective copyrights, patents, or trademarks, whether by implication, estoppel or otherwise.

6
windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints.md
View File

@ -43,6 +43,9 @@ The service supports the onboarding of the following servers:
For a practical guidance on what needs to be in place for licensing and infrastructure, see [Protecting Windows Servers with Microsoft Defender ATP](https://techcommunity.microsoft.com/t5/What-s-New/Protecting-Windows-Server-with-Windows-Defender-ATP/m-p/267114#M128).
> [!NOTE]
> An Azure Security Center Standard license is required, per node, to enroll Microsoft Defender ATP on a supported Windows Server platform, see [Supported features available in Azure Security Center](https://docs.microsoft.com/azure/security-center/security-center-services)
## Windows Server 2008 R2 SP1, Windows Server 2012 R2 and Windows Server 2016
There are two options to onboard Windows Server 2008 R2 SP1, Windows Server 2012 R2 and Windows Server 2016 to Microsoft Defender ATP:
@ -178,9 +181,6 @@ Support for Windows Server, version 1803 and Windows 2019 provides deeper insigh
## Integration with Azure Security Center
Microsoft Defender ATP integrates with Azure Security Center to provide a comprehensive server protection solution. With this integration Azure Security Center can leverage the power of Microsoft Defender ATP to provide improved threat detection for Windows Servers.
>[!NOTE]
>You'll need to have the appropriate license to enable this feature.
The following capabilities are included in this integration:
- Automated onboarding - Microsoft Defender ATP sensor is automatically enabled on Windows Servers that are onboarded to Azure Security Center. For more information on Azure Security Center onboarding, see [Onboarding to Azure Security Center Standard for enhanced security](https://docs.microsoft.com/azure/security-center/security-center-onboarding).

153
windows/security/threat-protection/microsoft-defender-atp/endpoint-detection-response-mac-preview.md Normal file
View File

@ -0,0 +1,153 @@
---
title: Enable Microsoft Defender ATP Insider Machine
description: Install and use Microsoft Defender ATP for Mac.
keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
search.product: eADQiWindows 10XVcnh
search.appverid: met150
ms.prod: w10
ms.mktglfcycl: deploy
ms.sitesec: library
ms.pagetype: security
ms.author: dansimp
author: dansimp
ms.localizationpriority: medium
manager: dansimp
audience: ITPro
ms.collection: M365-security-compliance
ms.topic: conceptual
---
# Enable Microsoft Defender ATP Insider Machine
Endpoint detection and response capabilities in Microsoft Defender ATP for Mac are now in preview. To get these and other preview features, you must set up your Mac machine to be an "Insider" machine as described in this article. For scale deployment, we recommend using [Jamf](#enable-the-insider-program-with-jamf) or [Intune](#enable-the-insider-program-with-intune).
>[!IMPORTANT]
>Make sure you have enabled [Microsoft Defender ATP for Mac](microsoft-defender-atp-mac.md#how-to-install-microsoft-defender-atp-for-mac), and pay attention to the “earlyPreview” flag. See documentation for [Jamf](mac-install-with-jamf.md), [Intune](mac-install-with-intune.md) and [manual deployment](mac-install-manually.md) instructions.
## Enable the Insider program with Jamf
a. Create configuration profile com.microsoft.wdav.plist with the following content:
```XML
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
<key>edr</key>
<dict>
<key>earlyPreview</key>
<true/>
</dict>
</dict>
</plist>
```
b. From the JAMF console, navigate to **Computers>Configuration Profiles**, navigate to the configuration profile you'd like to use, then select **Custom Settings**.
c. Create an entry withcom.microsoft.wdavas the preference domain and upload the .plist created earlier.
>[!WARNING]
>You must enter the correct preference domain (com.microsoft.wdav), otherwise the preferences will not be recognized by the product
## Enable the Insider program with Intune
a. Create configuration profile com.microsoft.wdav.plist with the following content:
```XML
<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1">
<dict>
<key>PayloadUUID</key>
<string>C4E6A782-0C8D-44AB-A025-EB893987A295</string>
<key>PayloadType</key>
<string>Configuration</string>
<key>PayloadOrganization</key>
<string>Microsoft</string>
<key>PayloadIdentifier</key>
<string>com.microsoft.wdav</string>
<key>PayloadDisplayName</key>
<string>Microsoft Defender ATP settings</string>
<key>PayloadDescription</key>
<string>Microsoft Defender ATP configuration settings</string>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadEnabled</key>
<true/>
<key>PayloadRemovalDisallowed</key>
<true/>
<key>PayloadScope</key>
<string>System</string>
<key>PayloadContent</key>
<array>
<dict>
<key>PayloadUUID</key>
<string>99DBC2BC-3B3A-46A2-A413-C8F9BB9A7295</string>
<key>PayloadType</key>
<string>com.microsoft.wdav</string>
<key>PayloadOrganization</key>
<string>Microsoft</string>
<key>PayloadIdentifier</key>
<string>com.microsoft.wdav</string>
<key>PayloadDisplayName</key>
<string>Microsoft Defender ATP configuration settings</string>
<key>PayloadDescription</key>
<string/>
<key>PayloadVersion</key>
<integer>1</integer>
<key>PayloadEnabled</key>
<true/>
<key>edr</key>
<dict>
<key>earlyPreview</key>
<true/>
</dict>
</dict>
</array>
</dict>
</plist>
```
b. Open **Manage > Device configuration**. Select **Manage > Profiles > Create Profile**.
c. Choose a name for the profile. Change **Platform=macOS** to **Profile type=Custom**. Select **Configure**.
d. Save the .plist created earlier as com.microsoft.wdav.xml.
e. Enter com.microsoft.wdav as the custom configuration profile name.
f. Open the configuration profile and upload com.microsoft.wdav.xml. This file was created in step 1.
g. Select **OK**.
h. Select **Manage > Assignments**. In the **Include** tab, select **Assign to All Users & All devices**.
>[!WARNING]
>You must enter the correct custom configuration profile name, otherwise these preferences will not be recognized by the product.
## Enable the Insider program manually on a single machine
In the command prompt, run:
```bash
mdatp --edr --early-preview true
```
## Troubleshooting
### Verify you are running the correct version
To verify you are running the correct version, run mdatp --health on the machine.
* The required version is 100.72.15 or later.
* If the version is not as expected, verify that Microsoft Auto Update is set to automatically download and install updates by running defaults read com.microsoft.autoupdate2 from terminal.
* To change update settings use documentation in [Update Office for Mac automatically](https://support.office.com/article/update-office-for-mac-automatically-bfd1e497-c24d-4754-92ab-910a4074d7c1).
* If you are not using Office for Mac, download and run the AutoUpdate tool.
### A machine still does not appear on Microsoft Defender Security Center
After a successful deployment and onboarding of the correct version, check that the machine has connectivity to the cloud service by running mdatp --connectivity-test.
* Check that you enabled the early preview flag. In terminal run “mdatp health” and look for the value of “edrEarlyPreviewEnabled”. It should be “Enabled”.
If you followed the manual deployment instructions, you were prompted to enable Kernel Extensions. Pay attention to the “System Extension note” in the [manual deployment documentation](mac-install-manually.md#application-installation) and use the “Manual Deployment” section in the [troubleshoot kernel extension documentation](mac-support-kext.md#manual-deployment).

BIN
windows/security/threat-protection/microsoft-defender-atp/images/threat-protection-reports.png Normal file
View File

Binary file not shown.
Side by Side

After

Width:  |  Height:  |  Size: 212 KiB

3
windows/security/threat-protection/microsoft-defender-atp/import-export-exploit-protection-emet-xml.md
View File

@ -53,6 +53,9 @@ When you have configured exploit protection to your desired state (including bot
3. At the bottom of the **Exploit protection** section, click **Export settings** and then choose the location and name of the XML file where you want the configuration to be saved.
> [!IMPORTANT]
> If you want to use Default configuration, use the settings "On by default" instead of "Use Default (On)" to get the settings exported correctly on the XML file.
![Highlight of the Export Settings option](../images/wdsc-exp-prot-export.png)
> [!NOTE]

7
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-exclusions.md → windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
View File

@ -1,7 +1,6 @@
---
title: Configure and validate exclusions for Microsoft Defender ATP for Mac
ms.reviewer:
description: Describes how to provide and validate exclusions for Microsoft Defender ATP for Mac. Exclusions can be set for files, folders, and processes.
description: Provide and validate exclusions for Microsoft Defender ATP for Mac. Exclusions can be set for files, folders, and processes.
keywords: microsoft, defender, atp, mac, exclusions, scans, antivirus
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -51,13 +50,13 @@ Process | A specific process (specified either by the full path or file name) an
### From the management console
For more information on how to configure exclusions from JAMF, Intune, or another management console, see [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md).
For more information on how to configure exclusions from JAMF, Intune, or another management console, see [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md).
### From the user interface
Open the Microsoft Defender ATP application and navigate to **Manage settings** > **Add or Remove Exclusion...**, as shown in the following screenshot:
![Manage exclusions screenshot](images/mdatp-37-Exclusions.png)
![[Manage exclusions screenshot](../windows-defender-antivirus/images/mdatp-37-exclusions.png)
Select the type of exclusion that you wish to add and follow the prompts.

25
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-manually.md → windows/security/threat-protection/microsoft-defender-atp/mac-install-manually.md
View File

@ -1,7 +1,6 @@
---
title: Installing Microsoft Defender ATP for Mac manually
ms.reviewer:
description: Describes how to install Microsoft Defender ATP for Mac manually, from the command line.
title: Manual deployment for Microsoft Defender ATP for Mac
description: Install Microsoft Defender ATP for Mac manually, from the command line.
keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
ms.topic: conceptual
---
# Manual deployment
# Manual deployment for Microsoft Defender ATP for Mac
**Applies to:**
@ -42,7 +41,7 @@ Download the installation and onboarding packages from Windows Defender Security
3. In Section 2 of the page, select **Download installation package**. Save it as wdav.pkg to a local directory.
4. In Section 2 of the page, select **Download onboarding package**. Save it as WindowsDefenderATPOnboardingPackage.zip to the same directory.
![Windows Defender Security Center screenshot](images/ATP_Portal_Onboarding_page.png)
![Windows Defender Security Center screenshot](../windows-defender-antivirus/images/ATP-Portal-Onboarding-page.png)
5. From a command prompt, verify that you have the two files.
Extract the contents of the .zip files:
@ -63,25 +62,25 @@ To complete this process, you must have admin privileges on the machine.
1. Navigate to the downloaded wdav.pkg in Finder and open it.
![App install screenshot](images/MDATP_28_AppInstall.png)
![App install screenshot](../windows-defender-antivirus/images/MDATP-28-AppInstall.png)
2. Select **Continue**, agree with the License terms, and enter the password when prompted.
![App install screenshot](images/MDATP_29_AppInstallLogin.png)
![App install screenshot](../windows-defender-antivirus/images/MDATP-29-AppInstallLogin.png)
> [!IMPORTANT]
> You will be prompted to allow a driver from Microsoft to be installed (either "System Extension Blocked" or "Installation is on hold" or both. The driver must be allowed to be installed.
![App install screenshot](images/MDATP_30_SystemExtension.png)
![App install screenshot](../windows-defender-antivirus/images/MDATP-30-SystemExtension.png)
3. Select **Open Security Preferences** or **Open System Preferences > Security & Privacy**. Select **Allow**:
![Security and privacy window screenshot](images/MDATP_31_SecurityPrivacySettings.png)
![Security and privacy window screenshot](../windows-defender-antivirus/images/MDATP-31-SecurityPrivacySettings.png)
The installation proceeds.
> [!CAUTION]
> If you don't select **Allow**, the installation will proceed after 5 minutes. Defender ATP will be loaded, but some features, such as real-time protection, will be disabled. See [Troubleshoot kernel extension issues](microsoft-defender-atp-mac-support-kext.md) for information on how to resolve this.
> If you don't select **Allow**, the installation will proceed after 5 minutes. Defender ATP will be loaded, but some features, such as real-time protection, will be disabled. See [Troubleshoot kernel extension issues](mac-support-kext.md) for information on how to resolve this.
> [!NOTE]
> macOS may request to reboot the machine upon the first installation of Microsoft Defender. Real-time protection will not be available until the machine is rebooted.
@ -112,7 +111,7 @@ The installation proceeds.
After installation, you'll see the Microsoft Defender icon in the macOS status bar in the top-right corner.
![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
![Microsoft Defender icon in status bar screenshot](../windows-defender-antivirus/images/MDATP-Icon-Bar.png)
## How to Allow Full Disk Access
@ -123,8 +122,8 @@ To grant consent, open System Preferences -> Security & Privacy -> Privacy -> Fu
## Logging installation issues
See [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
See [Logging installation issues](mac-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
## Uninstallation
See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices.
See [Uninstalling](mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices.

43
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-intune.md → windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md
View File

@ -1,7 +1,6 @@
---
title: Installing Microsoft Defender ATP for Mac with Microsoft Intune
ms.reviewer:
description: Describes how to install Microsoft Defender ATP for Mac, using Microsoft Intune.
title: Intune-based deployment for Microsoft Defender ATP for Mac
description: Install Microsoft Defender ATP for Mac, using Microsoft Intune.
keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
ms.topic: conceptual
---
# Microsoft Intune-based deployment
# Intune-based deployment for Microsoft Defender ATP for Mac
**Applies to:**
@ -44,7 +43,7 @@ Download the installation and onboarding packages from Microsoft Defender Securi
4. In Section 2 of the page, select **Download onboarding package**. Save it as _WindowsDefenderATPOnboardingPackage.zip_ to the same directory.
5. Download **IntuneAppUtil** from [https://docs.microsoft.com/intune/lob-apps-macos](https://docs.microsoft.com/intune/lob-apps-macos).
![Windows Defender Security Center screenshot](images/MDATP_2_DownloadPackages.png)
![Windows Defender Security Center screenshot](../windows-defender-antivirus/images/MDATP-2-DownloadPackages.png)
6. From a command prompt, verify that you have the three files.
Extract the contents of the .zip files:
@ -91,11 +90,11 @@ You need no special provisioning for a Mac device beyond a standard [Company Por
1. You are asked to confirm device management.
![Confirm device management screenshot](images/MDATP_3_ConfirmDeviceMgmt.png)
![Confirm device management screenshot](../windows-defender-antivirus/images/MDATP-3-ConfirmDeviceMgmt.png)
Select **Open System Preferences**, locate **Management Profile** on the list, and select **Approve...**. Your Management Profile would be displayed as **Verified**:
![Management profile screenshot](images/MDATP_4_ManagementProfile.png)
![Management profile screenshot](../windows-defender-antivirus/images/MDATP-4-ManagementProfile.png)
2. Select **Continue** and complete the enrollment.
@ -103,7 +102,7 @@ You may now enroll more devices. You can also enroll them later, after you have
3. In Intune, open **Manage** > **Devices** > **All devices**. Here you can see your device among those listed:
![Add Devices screenshot](images/MDATP_5_allDevices.png)
![Add Devices screenshot](../windows-defender-antivirus/images/MDATP-5-allDevices.png)
## Create System Configuration profiles
@ -112,7 +111,7 @@ You may now enroll more devices. You can also enroll them later, after you have
3. Open the configuration profile and upload intune/kext.xml. This file was created in one of the preceding sections.
4. Select **OK**.
![System configuration profiles screenshot](images/MDATP_6_SystemConfigurationProfiles.png)
![System configuration profiles screenshot](../windows-defender-antivirus/images/MDATP-6-SystemConfigurationProfiles.png)
5. Select **Manage** > **Assignments**. In the **Include** tab, select **Assign to All Users & All devices**.
6. Repeat steps 1 through 5 for more profiles.
@ -287,7 +286,7 @@ You may now enroll more devices. You can also enroll them later, after you have
Once the Intune changes are propagated to the enrolled devices, you can see them listed under **Monitor** > **Device status**:
![System configuration profiles screenshot](images/MDATP_7_DeviceStatusBlade.png)
![System configuration profiles screenshot](../windows-defender-antivirus/images/MDATP-7-DeviceStatusBlade.png)
## Publish application
@ -298,40 +297,40 @@ Once the Intune changes are propagated to the enrolled devices, you can see them
5. Use **macOS High Sierra 10.13** as the minimum OS and set *Ignore app version* to **Yes**. Other settings can be any arbitrary value.
> [!CAUTION]
> Failure to set *Ignore app version* to **Yes** impacts the ability of the application to receive updates through Microsoft AutoUpdate. See [Deploy updates for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-updates.md) for additional information about how the product is updated.
> Failure to set *Ignore app version* to **Yes** impacts the ability of the application to receive updates through Microsoft AutoUpdate. See [Deploy updates for Microsoft Defender ATP for Mac](mac-updates.md) for additional information about how the product is updated.
![Device status blade screenshot](images/MDATP_8_IntuneAppInfo.png)
![Device status blade screenshot](../windows-defender-antivirus/images/MDATP-8-IntuneAppInfo.png)
6. Select **OK** and **Add**.
![Device status blade screenshot](images/MDATP_9_IntunePkgInfo.png)
![Device status blade screenshot](../windows-defender-antivirus/images/MDATP-9-IntunePkgInfo.png)
7. It may take a few moments to upload the package. After it's done, select the package from the list and go to **Assignments** and **Add group**.
![Client apps screenshot](images/MDATP_10_ClientApps.png)
![Client apps screenshot](../windows-defender-antivirus/images/MDATP-10-ClientApps.png)
8. Change **Assignment type** to **Required**.
9. Select **Included Groups**. Select **Make this app required for all devices=Yes**. Click **Select group to include** and add a group that contains the users you want to target. Select **OK** and **Save**.
![Intune assignments info screenshot](images/MDATP_11_Assignments.png)
![Intune assignments info screenshot](../windows-defender-antivirus/images/MDATP-11-Assignments.png)
10. After some time the application will be published to all enrolled devices. You can see it listed in **Monitor** > **Device**, under **Device install status**:
![Intune device status screenshot](images/MDATP_12_DeviceInstall.png)
![Intune device status screenshot](../windows-defender-antivirus/images/MDATP-12-DeviceInstall.png)
## Verify client device state
1. After the configuration profiles are deployed to your devices, open **System Preferences** > **Profiles** on your Mac device.
![System Preferences screenshot](images/MDATP_13_SystemPreferences.png)
![System Preferences Profiles screenshot](images/MDATP_14_SystemPreferencesProfiles.png)
![System Preferences screenshot](../windows-defender-antivirus/images/MDATP-13-SystemPreferences.png)<br/>
![System Preferences Profiles screenshot](../windows-defender-antivirus/images/MDATP-14-SystemPreferencesProfiles.png)
2. Verify that the following configuration profiles are present and installed. The **Management Profile** should be the Intune system profile. _Wdav-config_ and _wdav-kext_ are system configuration profiles that were added in Intune:
![Profiles screenshot](images/MDATP_15_ManagementProfileConfig.png)
![Profiles screenshot](../windows-defender-antivirus/images/MDATP-15-ManagementProfileConfig.png)
3. You should also see the Microsoft Defender icon in the top-right corner:
![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
![Microsoft Defender icon in status bar screenshot](../windows-defender-antivirus/images/MDATP-Icon-Bar.png)
## Troubleshooting
@ -341,8 +340,8 @@ Solution: Follow the steps above to create a device profile using WindowsDefende
## Logging installation issues
For more information on how to find the automatically generated log that is created by the installer when an error occurs, see [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) .
For more information on how to find the automatically generated log that is created by the installer when an error occurs, see [Logging installation issues](mac-resources.md#logging-installation-issues) .
## Uninstallation
See [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices.
See [Uninstalling](mac-resources.md#uninstalling) for details on how to remove Microsoft Defender ATP for Mac from client devices.

41
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-jamf.md → windows/security/threat-protection/microsoft-defender-atp/mac-install-with-jamf.md
View File

@ -1,7 +1,6 @@
---
title: Installing Microsoft Defender ATP for Mac with JAMF
ms.reviewer:
description: Describes how to install Microsoft Defender ATP for Mac, using JAMF.
title: JAMF-based deployment for Microsoft Defender ATP for Mac
description: Install Microsoft Defender ATP for Mac, using JAMF.
keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
ms.topic: conceptual
---
# JAMF-based deployment
# JAMF-based deployment for Microsoft Defender ATP for Mac
**Applies to:**
@ -46,7 +45,7 @@ Download the installation and onboarding packages from Windows Defender Security
3. In Section 2 of the page, select **Download installation package**. Save it as _wdav.pkg_ to a local directory.
4. In Section 2 of the page, select **Download onboarding package**. Save it as _WindowsDefenderATPOnboardingPackage.zip_ to the same directory.
![Windows Defender Security Center screenshot](images/MDATP_2_DownloadPackages.png)
![Windows Defender Security Center screenshot](../windows-defender-antivirus/images/MDATP-2-DownloadPackages.png)
5. From the command prompt, verify that you have the two files. Extract the contents of the .zip files like so:
@ -79,7 +78,7 @@ To set the onboarding information, add a property list file with the name, _jamf
>[!IMPORTANT]
> You must set the Preference Domain as "com.microsoft.wdav.atp"
![Configuration profile screenshot](images/MDATP_16_PreferenceDomain.png)
![Configuration profile screenshot](../windows-defender-antivirus/images/MDATP-16-PreferenceDomain.png)
### Approved Kernel Extension
@ -88,7 +87,7 @@ To approve the kernel extension:
1. In **Computers > Configuration Profiles** select **Options > Approved Kernel Extensions**.
2. Use **UBF8T346G9** for Team Id.
![Approved kernel extensions screenshot](images/MDATP_17_approvedKernelExtensions.png)
![Approved kernel extensions screenshot](../windows-defender-antivirus/images/MDATP-17-approvedKernelExtensions.png)
### Privacy Preferences Policy Control
@ -104,7 +103,7 @@ Add the following JAMF policy to grant Full Disk Access to Microsoft Defender AT
3. Set Code Requirement to `identifier "com.microsoft.wdav" and anchor apple generic and certificate 1[field.1.2.840.113635.100.6.2.6] /* exists */ and certificate leaf[field.1.2.840.113635.100.6.1.13] /* exists */ and certificate leaf[subject.OU] = UBF8T346G9`.
4. Set app or service to SystemPolicyAllFiles and access to Allow.
![Privacy Preferences Policy Control](images/MDATP_35_JAMF_PrivacyPreferences.png)
![Privacy Preferences Policy Control](../windows-defender-antivirus/images/MDATP-35-JAMF-PrivacyPreferences.png)
#### Configuration Profile's Scope
@ -112,7 +111,7 @@ Configure the appropriate scope to specify the devices that will receive the con
Open **Computers** > **Configuration Profiles**, and select **Scope > Targets**. From there, select the devices you want to target.
![Configuration profile scope screenshot](images/MDATP_18_ConfigurationProfilesScope.png)
![Configuration profile scope screenshot](../windows-defender-antivirus/images/MDATP-18-ConfigurationProfilesScope.png)
Save the **Configuration Profile**.
@ -132,7 +131,7 @@ Starting in macOS 10.15 (Catalina) a user must manually allow to display notific
1. Create a package in **Settings > Computer Management > Packages**.
![Computer management packages screenshot](images/MDATP_19_MicrosoftDefenderWDAVPKG.png)
![Computer management packages screenshot](../windows-defender-antivirus/images/MDATP-19-MicrosoftDefenderWDAVPKG.png)
2. Upload the package to the Distribution Point.
3. In the **filename** field, enter the name of the package. For example, _wdav.pkg_.
@ -141,7 +140,7 @@ Starting in macOS 10.15 (Catalina) a user must manually allow to display notific
Your policy should contain a single package for Microsoft Defender.
![Microsoft Defender packages screenshot](images/MDATP_20_MicrosoftDefenderPackages.png)
![Microsoft Defender packages screenshot](../windows-defender-antivirus/images/MDATP-20-MicrosoftDefenderPackages.png)
Configure the appropriate scope to specify the computers that will receive this policy.
@ -156,12 +155,12 @@ You'll need no special provisioning for a macOS computer, beyond the standard JA
1. Open **Device Profiles**, from the **General** tab, and make sure that **User Approved MDM** is set to **Yes**. If it's currently set to No, the user needs to open **System Preferences > Profiles** and select **Approve** on the MDM Profile.
![MDM approve button screenshot](images/MDATP_21_MDMProfile1.png)
![MDM screenshot](images/MDATP_22_MDMProfileApproved.png)
![MDM approve button screenshot](../windows-defender-antivirus/images/MDATP-21-MDMProfile1.png)<br/>
![MDM screenshot](../windows-defender-antivirus/images/MDATP-22-MDMProfileApproved.png)
After a moment, the device's User Approved MDM status will change to **Yes**.
![MDM status screenshot](images/MDATP_23_MDMStatus.png)
![MDM status screenshot](../windows-defender-antivirus/images/MDATP-23-MDMStatus.png)
You may now enroll additional devices. You may also enroll them later, after you have finished provisioning system configuration and application packages.
@ -176,17 +175,17 @@ You can monitor deployment status in the **Logs** tab:
- **Pending** means that the deployment is scheduled but has not yet happened
- **Completed** means that the deployment succeeded and is no longer scheduled
![Status on server screenshot](images/MDATP_24_StatusOnServer.png)
![Status on server screenshot](../windows-defender-antivirus/images/MDATP-24-StatusOnServer.png)
### Status on client device
After the Configuration Profile is deployed, you'll see the profile for the device in **System Preferences** > **Profiles >**.
![Status on client screenshot](images/MDATP_25_StatusOnClient.png)
![Status on client screenshot](../windows-defender-antivirus/images/MDATP-25-StatusOnClient.png)
Once the policy is applied, you'll see the Microsoft Defender ATP icon in the macOS status bar in the top-right corner.
![Microsoft Defender icon in status bar screenshot](images/MDATP_Icon_Bar.png)
![Microsoft Defender icon in status bar screenshot](../windows-defender-antivirus/images/MDATP-Icon-Bar.png)
You can monitor policy installation on a device by following the JAMF log file:
@ -231,11 +230,11 @@ If the product is not healthy, the exit code (which can be checked through `echo
## Logging installation issues
See [Logging installation issues](microsoft-defender-atp-mac-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
See [Logging installation issues](mac-resources.md#logging-installation-issues) for more information on how to find the automatically generated log that is created by the installer when an error occurs.
## Uninstallation
This method is based on the script described in [Uninstalling](microsoft-defender-atp-mac-resources.md#uninstalling).
This method is based on the script described in [Uninstalling](mac-resources.md#uninstalling).
### Script
@ -258,12 +257,12 @@ This script removes Microsoft Defender ATP from the /Applications directory:
echo "Done!"
```
![Microsoft Defender uninstall screenshot](images/MDATP_26_Uninstall.png)
![Microsoft Defender uninstall screenshot](../windows-defender-antivirus/images/MDATP-26-Uninstall.png)
### Policy
Your policy should contain a single script:
![Microsoft Defender uninstall script screenshot](images/MDATP_27_UninstallScript.png)
![Microsoft Defender uninstall script screenshot](../windows-defender-antivirus/images/MDATP-27-UninstallScript.png)
Configure the appropriate scope in the **Scope** tab to specify the machines that will receive this policy.

18
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-install-with-other-mdm.md → windows/security/threat-protection/microsoft-defender-atp/mac-install-with-other-mdm.md
View File

@ -1,6 +1,6 @@
---
title: Installing Microsoft Defender ATP for Mac with different MDM product
description: Describes how to install Microsoft Defender ATP for Mac on other management solutions.
title: Deployment with a different Mobile Device Management (MDM) system for Microsoft Defender ATP for Mac
description: Install Microsoft Defender ATP for Mac on other management solutions.
keywords: microsoft, defender, atp, mac, installation, deploy, macos, catalina, mojave, high sierra
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -17,7 +17,7 @@ ms.collection: M365-security-compliance
ms.topic: conceptual
---
# Deployment with a different Mobile Device Management (MDM) system
# Deployment with a different Mobile Device Management (MDM) system for Microsoft Defender ATP for Mac
**Applies to:**
@ -49,21 +49,21 @@ You can deploy Defender without the last requirement from the preceding list, ho
## Deployment
Most MDM solutions use the same model for managing macOS machines, with similar terminology. Use [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md) as a template.
Most MDM solutions use the same model for managing macOS machines, with similar terminology. Use [JAMF-based deployment](mac-install-with-jamf.md) as a template.
### Package
Configure deployment of a [required application package](microsoft-defender-atp-mac-install-with-jamf.md#package),
with the installation package (wdav.pkg) downloaded from [Microsoft Defender Security Center](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages).
Configure deployment of a [required application package](mac-install-with-jamf.md#package),
with the installation package (wdav.pkg) downloaded from [Microsoft Defender Security Center](mac-install-with-jamf.md#download-installation-and-onboarding-packages).
In order to deploy the package to your enterprise, use the instructions associated with your MDM solution.
### License settings
Set up [a system configuration profile](microsoft-defender-atp-mac-install-with-jamf.md#configuration-profile).
Set up [a system configuration profile](mac-install-with-jamf.md#configuration-profile).
Your MDM solution may call it something like "Custom Settings Profile", as Microsoft Defender ATP for Mac is not part of macOS.
Use the property list, jamf/WindowsDefenderATPOnboarding.plist, which can be extracted from an onboarding package downloaded from [Microsoft Defender Security Center](microsoft-defender-atp-mac-install-with-jamf.md#download-installation-and-onboarding-packages).
Use the property list, jamf/WindowsDefenderATPOnboarding.plist, which can be extracted from an onboarding package downloaded from [Microsoft Defender Security Center](mac-install-with-jamf.md#download-installation-and-onboarding-packages).
Your system may support an arbitrary property list in XML format. You can upload the jamf/WindowsDefenderATPOnboarding.plist file as-is in that case.
Alternatively, it may require you to convert the property list to a different format first.
@ -76,4 +76,4 @@ Set up a KEXT or kernel extension policy. Use team identifier **UBF8T346G9** to
## Check installation status
Run [mdatp](microsoft-defender-atp-mac-install-with-jamf.md#check-onboarding-status) on a client machine to check the onboarding status.
Run [mdatp](mac-install-with-jamf.md#check-onboarding-status) on a client machine to check the onboarding status.

27
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-preferences.md → windows/security/threat-protection/microsoft-defender-atp/mac-preferences.md
View File

@ -1,7 +1,6 @@
---
title: Set preferences for Microsoft Defender ATP for Mac
ms.reviewer:
description: Describes how to configure Microsoft Defender ATP for Mac in enterprises.
description: Configure Microsoft Defender ATP for Mac in enterprises.
keywords: microsoft, defender, atp, mac, management, preferences, enterprise, intune, jamf, macos, catalina, mojave, high sierra
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -25,7 +24,7 @@ ms.topic: conceptual
- [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP) for Mac](microsoft-defender-atp-mac.md)
>[!IMPORTANT]
>This topic contains instructions for how to set preferences for Microsoft Defender ATP for Mac in enterprise environments. If you are interested in configuring the product on a device from the command-line, please refer to the [Resources](microsoft-defender-atp-mac-resources.md#configuring-from-the-command-line) page.
>This topic contains instructions for how to set preferences for Microsoft Defender ATP for Mac in enterprise environments. If you are interested in configuring the product on a device from the command-line, please refer to the [Resources](mac-resources.md#configuring-from-the-command-line) page.
In enterprise environments, Microsoft Defender ATP for Mac can be managed through a configuration profile. This profile is deployed from management tool of your choice. Preferences managed by the enterprise take precedence over the ones set locally on the device. In other words, users in your enterprise are not able to change preferences that are set through this configuration profile.
@ -262,6 +261,28 @@ Whether the status menu icon (shown in the top-right corner of the screen) is hi
| **Data type** | Boolean |
| **Possible values** | false (default) <br/> true |
### EDR preferences
The *edr* section of the configuration profile is used to manage the preferences of the EDR component of the product.
|||
|:---|:---|
| **Domain** | com.microsoft.wdav |
| **Key** | edr |
| **Data type** | Dictionary (nested preference) |
| **Comments** | See the following sections for a description of the dictionary contents. |
#### Enable / disable early preview
Whether EDR early preview features are enabled or not.
|||
|:---|:---|
| **Domain** | com.microsoft.wdav |
| **Key** | earlyPreview |
| **Data type** | Boolean |
| **Possible values** | true (default) <br/> false |
## Recommended configuration profile
To get started, we recommend the following configuration profile for your enterprise to take advantage of all protection features that Microsoft Defender ATP provides.

5
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-privacy.md → windows/security/threat-protection/microsoft-defender-atp/mac-privacy.md
View File

@ -1,7 +1,6 @@
---
title: Privacy for Microsoft Defender ATP for Mac
ms.reviewer:
description: Describes privacy controls, how to configure policy settings that impact privacy and information about the diagnostic data collected in Microsoft Defender ATP for Mac.
description: Privacy controls, how to configure policy settings that impact privacy and information about the diagnostic data collected in Microsoft Defender ATP for Mac.
keywords: microsoft, defender, atp, mac, privacy, diagnostic
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -62,7 +61,7 @@ When this feature is enabled and the sample that is collected is likely to conta
If you're an IT administrator, you might want to configure these controls at the enterprise level.
The privacy controls for the various types of data described in the preceding section are described in detail in [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md).
The privacy controls for the various types of data described in the preceding section are described in detail in [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md).
As with any new policy settings, you should carefully test them out in a limited, controlled environment to ensure the settings that you configure have the desired effect before you implement the policy settings more widely in your organization.

11
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-pua.md → windows/security/threat-protection/microsoft-defender-atp/mac-pua.md
View File

@ -1,7 +1,6 @@
---
title: Detect and block potentially unwanted applications
ms.reviewer:
description: Describes how to detect and block Potentially Unwanted Applications (PUA) using Microsoft Defender ATP for Mac.
title: Detect and block potentially unwanted applications with Microsoft Defender ATP for Mac
description: Detect and block Potentially Unwanted Applications (PUA) using Microsoft Defender ATP for Mac.
keywords: microsoft, defender, atp, mac, pua, pus
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
ms.topic: conceptual
---
# Detect and block potentially unwanted applications
# Detect and block potentially unwanted applications with Microsoft Defender ATP for Mac
**Applies to:**
@ -59,8 +58,8 @@ $ mdatp --threat --type-handling potentially_unwanted_application [off|audit|blo
### Use the management console to configure PUA protection:
In your enterprise, you can configure PUA protection from a management console, such as JAMF or Intune, similarly to how other product settings are configured. For more information, see the [Threat type settings](microsoft-defender-atp-mac-preferences.md#threat-type-settings) section of the [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md) topic.
In your enterprise, you can configure PUA protection from a management console, such as JAMF or Intune, similarly to how other product settings are configured. For more information, see the [Threat type settings](mac-preferences.md#threat-type-settings) section of the [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md) topic.
## Related topics
- [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md)
- [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md)

19
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-resources.md → windows/security/threat-protection/microsoft-defender-atp/mac-resources.md
View File

@ -1,7 +1,6 @@
---
title: Microsoft Defender ATP for Mac Resources
ms.reviewer:
description: Describes resources for Microsoft Defender ATP for Mac, including how to uninstall it, how to collect diagnostic logs, CLI commands, and known issues with the product.
title: Resources for Microsoft Defender ATP for Mac
description: Resources for Microsoft Defender ATP for Mac, including how to uninstall it, how to collect diagnostic logs, CLI commands, and known issues with the product.
keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
ms.topic: conceptual
---
# Resources
# Resources for Microsoft Defender ATP for Mac
**Applies to:**
@ -95,18 +94,24 @@ Important tasks, such as controlling product settings and triggering on-demand s
|Protection |Do a full scan |`mdatp --scan --full` |
|Protection |Cancel an ongoing on-demand scan |`mdatp --scan --cancel` |
|Protection |Request a security intelligence update |`mdatp --definition-update` |
|EDR |Turn on/off EDR preview for Mac |`mdatp --edr --early-preview [true/false]` |
|EDR |Add group tag to machine. EDR tags are used for managing machine groups. For more information, please visit https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/machine-groups |`mdatp --edr --set-tag GROUP [name]` |
|EDR |Remove group tag from machine |`mdatp --edr --remove-tag [name]` |
## Microsoft Defender ATP portal information
In the Microsoft Defender ATP portal, you'll see two categories of information:
In the Microsoft Defender ATP portal, you'll see two categories of information.
Antivirus alerts, including:
- Antivirus alerts, including:
- Severity
- Scan type
- Device information (hostname, machine identifier, tenant identifier, app version, and OS type)
- File information (name, path, size, and hash)
- Threat information (name, type, and state)
- Device information, including:
Device information, including:
- Machine identifier
- Tenant identifier
- App version

13
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-support-kext.md → windows/security/threat-protection/microsoft-defender-atp/mac-support-kext.md
View File

@ -1,7 +1,6 @@
---
title: Troubleshoot kernel extension issues in Microsoft Defender ATP for Mac
ms.reviewer:
description: Describes how to troubleshoot kernel extension-related issues in Microsoft Defender ATP for Mac.
description: Troubleshoot kernel extension-related issues in Microsoft Defender ATP for Mac.
keywords: microsoft, defender, atp, mac, kernel, extension
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
ms.topic: conceptual
---
# Troubleshoot kernel extension issues
# Troubleshoot kernel extension issues in Microsoft Defender ATP for Mac
**Applies to:**
@ -30,7 +29,7 @@ Starting with macOS High Sierra (10.13), macOS requires all kernel extensions to
If you did not approve the kernel extension during the deployment / installation of Microsoft Defender ATP for Mac, then the application displays a banner prompting you to enable it:
![RTP disabled screenshot](images/MDATP_32_Main_App_Fix.png)
![RTP disabled screenshot](../windows-defender-antivirus/images/MDATP-32-Main-App-Fix.png)
You can also run ```mdatp --health```. It reports if real-time protection is enabled but not available. This is an indication that the kernel extension is not approved to run on your device.
@ -48,8 +47,8 @@ The following sections provide guidance on how to address this issue, depending
See the instructions corresponding to the management tool that you used to deploy the product:
- [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md#configuration-profile)
- [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md#create-system-configuration-profiles)
- [JAMF-based deployment](mac-install-with-jamf.md#configuration-profile)
- [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles)
## Manual deployment
@ -57,7 +56,7 @@ If less than 30 minutes have passed since the product was installed, navigate to
If you don't see this prompt, it means that 30 or more minutes have passed, and the kernel extension still not been approved to run on your device:
![Security and privacy window after prompt expired screenshot](images/MDATP_33_SecurityPrivacySettings_NoPrompt.png)
![Security and privacy window after prompt expired screenshot](../windows-defender-antivirus/images/MDATP-33-SecurityPrivacySettings-NoPrompt.png)
In this case, you need to perform the following steps to trigger the approval flow again.

13
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-support-perf.md → windows/security/threat-protection/microsoft-defender-atp/mac-support-perf.md
View File

@ -1,7 +1,6 @@
---
title: Troubleshoot performance issues
ms.reviewer:
description: Describes how to troubleshoot performance issues in Microsoft Defender ATP for Mac.
title: Troubleshoot performance issues for Microsoft Defender ATP for Mac
description: Troubleshoot performance issues in Microsoft Defender ATP for Mac.
keywords: microsoft, defender, atp, mac, performance
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -18,7 +17,7 @@ ms.collection: M365-security-compliance
ms.topic: conceptual
---
# Troubleshoot performance issues
# Troubleshoot performance issues for Microsoft Defender ATP for Mac
**Applies to:**
@ -38,7 +37,7 @@ The following steps can be used to troubleshoot and mitigate these issues:
- From the user interface. Open Microsoft Defender ATP for Mac and navigate to **Manage settings**.
![Manage real-time protection screenshot](images/mdatp-36-RTP.png)
![Manage real-time protection screenshot](../windows-defender-antivirus/images/mdatp-36-rtp.png)
- From the Terminal. For security purposes, this operation requires elevation.
@ -46,10 +45,10 @@ The following steps can be used to troubleshoot and mitigate these issues:
$ mdatp --config realTimeProtectionEnabled false
```
If your device is managed by your organization, real-time protection can be disabled by your administrator using the instructions in [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md).
If your device is managed by your organization, real-time protection can be disabled by your administrator using the instructions in [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md).
2. Open Finder and navigate to **Applications** > **Utilities**. Open **Activity Monitor** and analyze which applications are using the resources on your system. Typical examples include software updaters and compilers.
3. Configure Microsoft Defender ATP for Mac with exclusions for the processes or disk locations that contribute to the performance issues and re-enable real-time protection.
See [Configure and validate exclusions for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-exclusions.md) for details.
See [Configure and validate exclusions for Microsoft Defender ATP for Mac](mac-exclusions.md) for details.

5
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-updates.md → windows/security/threat-protection/microsoft-defender-atp/mac-updates.md
View File

@ -1,7 +1,6 @@
---
title: Deploy updates for Microsoft Defender ATP for Mac
ms.reviewer:
description: Describes how to control updates for Microsoft Defender ATP for Mac in enterprise environments.
description: Control updates for Microsoft Defender ATP for Mac in enterprise environments.
keywords: microsoft, defender, atp, mac, updates, deploy
search.product: eADQiWindows 10XVcnh
search.appverid: met150
@ -28,7 +27,7 @@ Microsoft regularly publishes software updates to improve performance, security,
To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. By default, MAU automatically checks for updates daily, but you can change that to weekly, monthly, or manually.
![MAU screenshot](images/MDATP_34_MAU.png)
![MAU screenshot](../windows-defender-antivirus/images/MDATP-34-MAU.png)
If you decide to deploy updates by using your software distribution tools, you should configure MAU to manually check for software updates. You can deploy preferences to configure how and when MAU checks for updates for the Macs in your organization.

9
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac-whatsnew.md → windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
View File

@ -1,6 +1,5 @@
---
title: Microsoft Defender ATP for Mac What's New
ms.reviewer:
title: What's new in Microsoft Defender Advanced Threat Protection for Mac
description: List of major changes for Microsoft Defender ATP for Mac.
keywords: microsoft, defender, atp, mac, installation, macos, whatsnew
search.product: eADQiWindows 10XVcnh
@ -30,7 +29,7 @@ ms.topic: conceptual
## 100.68.99
- Added the ability to configure the antivirus functionality to run in [passive mode](microsoft-defender-atp-mac-preferences.md#enable--disable-passive-mode)
- Added the ability to configure the antivirus functionality to run in [passive mode](mac-preferences.md#enable--disable-passive-mode)
- Performance improvements & bug fixes
## 100.65.28
@ -42,7 +41,7 @@ ms.topic: conceptual
>
> The mechanism for granting this consent depends on how you deployed Microsoft Defender ATP:
>
> - For manual deployments, see the updated instructions in the [Manual deployment](microsoft-defender-atp-mac-install-manually.md#how-to-allow-full-disk-access) topic.
> - For managed deployments, see the updated instructions in the [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md#privacy-preferences-policy-control) and [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md#create-system-configuration-profiles) topics.
> - For manual deployments, see the updated instructions in the [Manual deployment](mac-install-manually.md#how-to-allow-full-disk-access) topic.
> - For managed deployments, see the updated instructions in the [JAMF-based deployment](mac-install-with-jamf.md#privacy-preferences-policy-control) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics.
- Performance improvements & bug fixes

76
windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac.md → windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md
View File

@ -27,38 +27,56 @@ This topic describes how to install, configure, update, and use Microsoft Defend
## Whats new in the latest release
[What's new](microsoft-defender-atp-mac-whatsnew.md)
[What's new in Microsoft Defender ATP](whats-new-in-microsoft-defender-atp.md)
If you have any feedback that you would like to share, submit it by opening Microsoft Defender ATP for Mac on your device and navigating to **Help** > **Send feedback**.
[What's new in Microsoft Defender ATP for Mac](mac-whatsnew.md)
> [!TIP]
> If you have any feedback that you would like to share, submit it by opening Microsoft Defender ATP for Mac on your device and navigating to **Help** > **Send feedback**.
To get the latest features, including preview capabilities (such as endpoint detection and response for your Mac machines), configure your macOS machine running Microsoft Defender ATP to be an "Insider" machine. See [Enable Microsoft Defender ATP Insider Machine](endpoint-detection-response-mac-preview.md).
## How to install Microsoft Defender ATP for Mac
### Prerequisites
- Access to the Microsoft Defender Security Center portal
- A Microsoft Defender ATP subscription and access to the Microsoft Defender Security Center portal
- Beginner-level experience in macOS and BASH scripting
- Administrative privileges on the device (in case of manual deployment)
### Installation instructions
There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.
- Third-party management tools:
- [Microsoft Intune-based deployment](mac-install-with-intune.md)
- [JAMF-based deployment](mac-install-with-jamf.md)
- [Other MDM products](mac-install-with-other-mdm.md)
- Command-line tool:
- [Manual deployment](mac-install-manually.md)
### System requirements
> [!CAUTION]
> The three most recent major releases of macOS are supported. Beta versions of macOS are not supported.
>
> macOS Sierra (10.12) support will end on January 1, 2020.
The three most recent major releases of macOS are supported.
- Supported macOS versions: 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
- 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra)
- Disk space: 650 MB
Beta versions of macOS are not supported. macOS Sierra (10.12) support will end on January 1, 2020.
After you've enabled the service, you may need to configure your network or firewall to allow outbound connections between it and your endpoints.
### Network connections
The following table lists the services and their associated URLs that your network must be able to connect to. You should ensure that there are no firewall or network filtering rules that would deny access to these URLs, or you may need to create an *allow* rule specifically for them.
| Service location | DNS record |
| ---------------------------------------- | ----------------------- |
| Common URLs for all locations | x.cp.wd.microsoft.com <br/> cdn.x.cp.wd.microsoft.com <br/> eu-cdn.x.cp.wd.microsoft.com <br/> wu-cdn.x.cp.wd.microsoft.com <br/> *.blob.core.windows.net <br/> officecdn-microsoft-com.akamaized.net |
| European Union | europe.x.cp.wd.microsoft.com |
| United Kingdom | unitedkingdom.x.cp.wd.microsoft.com |
| United States | unitedstates.x.cp.wd.microsoft.com |
| Common URLs for all locations | x.cp.wd.microsoft.com <br/> cdn.x.cp.wd.microsoft.com <br/> eu-cdn.x.cp.wd.microsoft.com <br/> wu-cdn.x.cp.wd.microsoft.com <br/> *.blob.core.windows.net <br/> officecdn-microsoft-com.akamaized.net <br/> crl.microsoft.com <br/> events.data.microsoft.com |
| European Union | europe.x.cp.wd.microsoft.com <br/> eu-v20.events.data.microsoft.com |
| United Kingdom | unitedkingdom.x.cp.wd.microsoft.com <br/> uk-v20.events.data.microsoft.com |
| United States | unitedstates.x.cp.wd.microsoft.com <br/> us-v20.events.data.microsoft.com |
Microsoft Defender ATP can discover a proxy server by using the following discovery methods:
- Web Proxy Auto-discovery Protocol (WPAD)
@ -76,40 +94,28 @@ $ curl -w ' %{url_effective}\n' 'https://x.cp.wd.microsoft.com/api/report' 'http
The output from this command should be similar to the following:
> `OK https://x.cp.wd.microsoft.com/api/report`
>
> `OK https://cdn.x.cp.wd.microsoft.com/ping`
`OK https://x.cp.wd.microsoft.com/api/report`
`OK https://cdn.x.cp.wd.microsoft.com/ping`
> [!CAUTION]
> We recommend that you keep [System Integrity Protection](https://support.apple.com/en-us/HT204899) (SIP) enabled on client machines. SIP is a built-in macOS security feature that prevents low-level tampering with the OS, and is enabled by default.
### Installation instructions
There are several methods and deployment tools that you can use to install and configure Microsoft Defender ATP for Mac.
In general you need to take the following steps:
- Ensure that you have a Microsoft Defender ATP subscription and have access to the Microsoft Defender ATP Portal
- Deploy Microsoft Defender ATP for Mac using one of the following deployment methods:
- Via third-party management tools:
- [Microsoft Intune-based deployment](microsoft-defender-atp-mac-install-with-intune.md)
- [JAMF-based deployment](microsoft-defender-atp-mac-install-with-jamf.md)
- [Other MDM products](microsoft-defender-atp-mac-install-with-other-mdm.md)
- Via the command-line tool:
- [Manual deployment](microsoft-defender-atp-mac-install-manually.md)
Once Microsoft Defender ATP is installed, connectivity can be validated by running the following command in Terminal:
```bash
$ mdatp --connectivity-test
```
## How to update Microsoft Defender ATP for Mac
Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used.
To read more on how to configure MAU in enterprise environments, refer to [Deploy updates for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-updates.md)
Microsoft regularly publishes software updates to improve performance, security, and to deliver new features. To update Microsoft Defender ATP for Mac, a program named Microsoft AutoUpdate (MAU) is used. To learn more, see [Deploy updates for Microsoft Defender ATP for Mac](mac-updates.md)
## How to configure Microsoft Defender ATP for Mac
Guidance for how to configure the product in enterprise environments is available in [Set preferences for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-preferences.md).
Guidance for how to configure the product in enterprise environments is available in [Set preferences for Microsoft Defender ATP for Mac](mac-preferences.md).
## Resources
- For more information about logging, uninstalling, or other topics, see the [Resources](microsoft-defender-atp-mac-resources.md) page.
- For more information about logging, uninstalling, or other topics, see the [Resources](mac-resources.md) page.
- [Privacy for Microsoft Defender ATP for Mac](microsoft-defender-atp-mac-privacy.md)
- [Privacy for Microsoft Defender ATP for Mac](mac-privacy.md)

6
windows/security/threat-protection/microsoft-defender-atp/onboarding-notification.md
View File

@ -55,11 +55,11 @@ You'll need to have access to:
- Method: "GET" as a value to get the list of machines.
- URI: Enter `https://api.securitycenter.windows.com/api/machines`.
- Authentication: Select "Active Directory OAuth".
- Tenant: Sign-in to http://portal.azure.com and navigate to **Azure Active Directory > App Registrations** and get the Tenant ID value.
- Tenant: Sign-in to https://portal.azure.com and navigate to **Azure Active Directory > App Registrations** and get the Tenant ID value.
- Audience: `https://securitycenter.onmicrosoft.com/windowsatpservice\`
- Client ID: Sign-in to http://portal.azure.com and navigate to **Azure Active Directory > App Registrations** and get the Client ID value.
- Client ID: Sign-in to https://portal.azure.com and navigate to **Azure Active Directory > App Registrations** and get the Client ID value.
- Credential Type: Select "Secret".
- Secret: Sign-in to http://portal.azure.com and navigate tnd navigate to **Azure Active Directory > App Registrations** and get the Tenant ID value.
- Secret: Sign-in to https://portal.azure.com and navigate tnd navigate to **Azure Active Directory > App Registrations** and get the Tenant ID value.
![Image of the HTTP conditions](images/http-conditions.png)

2
windows/security/threat-protection/microsoft-defender-atp/preview.md
View File

@ -42,7 +42,7 @@ Turn on the preview experience setting to be among the first to try upcoming fea
## Preview features
The following features are included in the preview release:
- [Microsoft Defender ATP for Mac](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/microsoft-defender-atp-mac) <BR> Microsoft Defender ATP for Mac brings the next-generation protection, and endpoint detection and response coverage to Mac devices. Core components of the unified endpoint security platform will now be available for Mac devices.
- [Endpoint detection and response for Mac devices](endpoint-detection-response-mac-preview.md). Recently, [Microsoft Defender ATP for Mac](microsoft-defender-atp-mac.md) released. Expanding on the protection available in Microsoft Defender ATP for Mac, endpoint detection and response capabilities are now in preview.
- [Threat & Vulnerability Management Report inaccuracy](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation#report-inaccuracy) <BR> You can report a false positive when you see any vague, inaccurate, incomplete, or already remediated [security recommendation](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-security-recommendation#report-inaccuracy), [software inventory](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-software-inventory#report-inaccuracy), and [discovered vulnerabilities](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/tvm-weaknesses#report-inaccuracy).

2
windows/security/threat-protection/microsoft-defender-atp/threat-protection-reports.md
View File

@ -27,7 +27,7 @@ The threat protection report provides high-level information about alerts genera
The dashboard is structured into two sections:
![Image of the threat protection report](images/atp-threat-protection-reports.png)
![Image of the threat protection report](images/threat-protection-reports.png)
Section | Description
:---|:---

3
windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md
View File

@ -27,6 +27,9 @@ The following features are generally available (GA) in the latest release of Mic
For more information preview features, see [Preview features](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection).
## November 2019
- [Microsoft Defender ATP for Mac](microsoft-defender-atp-mac.md) <BR> Microsoft Defender ATP for Mac brings the next-generation protection to Mac devices. Core components of the unified endpoint security platform will now be available for Mac devices. ([Endpoint detection and response is currently in preview](preview.md).)
## October 2019

2
windows/security/threat-protection/windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md
View File

@ -46,7 +46,7 @@ See [Enable cloud-delivered protection](enable-cloud-protection-windows-defender
After you've enabled the service, you may need to configure your network or firewall to allow connections between it and your endpoints.
As a cloud service, it is required that computers have access to the internet and that the ATP machine learning services are reachable. The URL: "\*.blob.core.windows.net" should not be excluded from any kind of network inspection. The table below lists the services and their associated URLs. You should ensure there are no firewall or network filtering rules denying access to these URLs, or you may need to create an allow rule specifically for them (excluding the URL: "\*.blob.core.windows.net").
As a cloud service, it is required that computers have access to the internet and that the ATP machine learning services are reachable. The URL: "\*.blob.core.windows.net" should not be excluded from any kind of network inspection. The table below lists the services and their associated URLs. You should ensure there are no firewall or network filtering rules denying access to these URLs, or you may need to create an allow rule specifically for them (excluding the URL: "\*.blob.core.windows.net"). Below mention URLs are using port 443 for communication.
| **Service**| **Description** |**URL** |

0
windows/security/threat-protection/windows-defender-antivirus/images/ATP_Portal_Onboarding_page.png → windows/security/threat-protection/windows-defender-antivirus/images/atp-portal-onboarding-page.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 240 KiB

After

Width:  |  Height:  |  Size: 240 KiB

0
windows/security/threat-protection/windows-defender-antivirus/images/MDATP_1_RegisterApp.png → windows/security/threat-protection/windows-defender-antivirus/images/mdatp-1-registerapp.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 70 KiB

After

Width:  |  Height:  |  Size: 70 KiB

0
windows/security/threat-protection/windows-defender-antivirus/images/MDATP_10_ClientApps.png → windows/security/threat-protection/windows-defender-antivirus/images/mdatp-10-clientapps.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 11 KiB

After

Width:  |  Height:  |  Size: 11 KiB

0
windows/security/threat-protection/windows-defender-antivirus/images/MDATP_11_Assignments.png → windows/security/threat-protection/windows-defender-antivirus/images/mdatp-11-assignments.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 63 KiB

After

Width:  |  Height:  |  Size: 63 KiB

0
windows/security/threat-protection/windows-defender-antivirus/images/MDATP_12_DeviceInstall.png → windows/security/threat-protection/windows-defender-antivirus/images/mdatp-12-deviceinstall.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 25 KiB

After

Width:  |  Height:  |  Size: 25 KiB

0
windows/security/threat-protection/windows-defender-antivirus/images/MDATP_13_SystemPreferences.png → windows/security/threat-protection/windows-defender-antivirus/images/mdatp-13-systempreferences.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 42 KiB

After

Width:  |  Height:  |  Size: 42 KiB

0
windows/security/threat-protection/windows-defender-antivirus/images/MDATP_14_SystemPreferencesProfiles.png → windows/security/threat-protection/windows-defender-antivirus/images/mdatp-14-systempreferencesprofiles.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 170 KiB

After

Width:  |  Height:  |  Size: 170 KiB

0
windows/security/threat-protection/windows-defender-antivirus/images/MDATP_15_ManagementProfileConfig.png → windows/security/threat-protection/windows-defender-antivirus/images/mdatp-15-managementprofileconfig.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 46 KiB

After

Width:  |  Height:  |  Size: 46 KiB

0
windows/security/threat-protection/windows-defender-antivirus/images/MDATP_16_PreferenceDomain.png → windows/security/threat-protection/windows-defender-antivirus/images/mdatp-16-preferencedomain.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 380 KiB

After

Width:  |  Height:  |  Size: 380 KiB

0
windows/security/threat-protection/windows-defender-antivirus/images/MDATP_17_approvedKernelExtensions.png → windows/security/threat-protection/windows-defender-antivirus/images/mdatp-17-approvedkernelextensions.png
View File

Side by Side Swipe Overlay

Before

Width:  |  Height:  |  Size: 244 KiB

After

Width:  |  Height:  |  Size: 244 KiB

Some files were not shown because too many files have changed in this diff Show More