diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
index ef0797f456..5d04bf7089 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md
@@ -48,10 +48,10 @@ Process | A specific process (specified either by the full path or file name) an
File, folder, and process exclusions support the following wildcards:
-Wildcard | Description | Example | Matches
----|---|---|---
-\* | Matches any number of any characters including none | `/var/\*/\*.log` | `/var/log/system.log`
-? | Matches any single character | `file?.log` | `file1.log`
`file2.log`
+Wildcard | Description | Example | Matches | Does not match
+---|---|---|---|---
+\* | Matches any number of any characters including none (note that when this wildcard is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log`
+? | Matches any single character | `file?.log` | `file1.log`
`file2.log` | `file123.log`
## How to configure the list of exclusions
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
index c5927c9a88..af6fa6157c 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md
@@ -42,9 +42,16 @@ The follow table shows the exclusion types supported by Microsoft Defender ATP f
Exclusion | Definition | Examples
---|---|---
File extension | All files with the extension, anywhere on the machine | `.test`
-File | A specific file identified by the full path | `/var/log/test.log`
-Folder | All files under the specified folder | `/var/log/`
-Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`
`cat`
+File | A specific file identified by the full path | `/var/log/test.log`
`/var/log/*.log`
`/var/log/install.?.log`
+Folder | All files under the specified folder | `/var/log/`
`/var/*/`
+Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`
`cat`
`c?t`
+
+File, folder, and process exclusions support the following wildcards:
+
+Wildcard | Description | Example | Matches | Does not match
+---|---|---|---|---
+\* | Matches any number of any characters including none (note that when this wildcard is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log`
+? | Matches any single character | `file?.log` | `file1.log`
`file2.log` | `file123.log`
## How to configure the list of exclusions
diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
index 57fde3cc75..b1deb73638 100644
--- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
+++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md
@@ -26,6 +26,14 @@ ms.topic: conceptual
>
> If you have previously whitelisted the kernel extension as part of your remote deployment, that warning should not be presented to the end user. If you have not previously deployed a policy to whitelist the kernel extension, your users will be presented with the warning. To proactively silence the warning, you can still deploy a configuration to whitelist the kernel extension. Refer to the instructions in the [JAMF-based deployment](mac-install-with-jamf.md#approved-kernel-extension) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics.
+## 101.00.31
+
+- Improved [product onboarding experience for Intune users](https://docs.microsoft.com/mem/intune/apps/apps-advanced-threat-protection-macos)
+- Antivirus [exclusions now support wildcards](mac-exclusions.md#supported-exclusion-types)
+- Added the ability to trigger antivirus scans from the macOS contextual menu. You can now right-click a file or a folder in Finder and select **Scan with Microsoft Defender ATP**
+- In-place product downgrades are now explicitly disallowed by the installer. If you need to downgrade, first uninstall the existing version and reconfigure your device
+- Other performance improvements & bug fixes
+
## 100.90.27
- You can now [set an update channel](mac-updates.md#set-the-channel-name) for Microsoft Defender ATP for Mac that is different from the system-wide update channel