From 9d882212fa75af5712d87115a99482e3c7196d7d Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 11 Jun 2020 14:39:01 -0700 Subject: [PATCH 1/5] Release notes for 2003-2 --- .../microsoft-defender-atp/mac-exclusions.md | 13 ++++++++++--- .../microsoft-defender-atp/mac-whatsnew.md | 6 ++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index c5927c9a88..cdb95e6464 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md @@ -42,9 +42,16 @@ The follow table shows the exclusion types supported by Microsoft Defender ATP f Exclusion | Definition | Examples ---|---|--- File extension | All files with the extension, anywhere on the machine | `.test` -File | A specific file identified by the full path | `/var/log/test.log` -Folder | All files under the specified folder | `/var/log/` -Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`
`cat` +File | A specific file identified by the full path | `/var/log/test.log`
`/var/log/*.log`
`/var/log/install.?.log` +Folder | All files under the specified folder | `/var/log/`
`/var/*/` +Process | A specific process (specified either by the full path or file name) and all files opened by it | `/bin/cat`
`cat`
`c?t` + +File, folder, and process exclusions support the following wildcards: + +Wildcard | Description | Example | Matches +---|---|---|--- +\* | Matches any number of any characters including none | `/var/\*/\*.log` | `/var/log/system.log` +? | Matches any single character | `file?.log` | `file1.log`
`file2.log` ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index 57fde3cc75..fbf351fb3e 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -26,6 +26,12 @@ ms.topic: conceptual > > If you have previously whitelisted the kernel extension as part of your remote deployment, that warning should not be presented to the end user. If you have not previously deployed a policy to whitelist the kernel extension, your users will be presented with the warning. To proactively silence the warning, you can still deploy a configuration to whitelist the kernel extension. Refer to the instructions in the [JAMF-based deployment](mac-install-with-jamf.md#approved-kernel-extension) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics. +## 101.00.31 + +- Antivirus [exclusions now support wildcards](mac-exclusions.md#supported-exclusion-types) +- Added the ability to trigger antivirus scans from the macOS contextual menu. You can now right-click a file or a folder in Finder and select **Scan with Microsoft Defender ATP** +- Other performance improvements & bug fixes + ## 100.90.27 - You can now [set an update channel](mac-updates.md#set-the-channel-name) for Microsoft Defender ATP for Mac that is different from the system-wide update channel From 79ff52480775adde4812a72f18e6cbe7b9b0f2a7 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 11 Jun 2020 16:25:58 -0700 Subject: [PATCH 2/5] Updates --- .../microsoft-defender-atp/linux-exclusions.md | 8 ++++---- .../microsoft-defender-atp/mac-exclusions.md | 8 ++++---- .../microsoft-defender-atp/mac-whatsnew.md | 2 ++ 3 files changed, 10 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md index ef0797f456..b35f7ae596 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md @@ -48,10 +48,10 @@ Process | A specific process (specified either by the full path or file name) an File, folder, and process exclusions support the following wildcards: -Wildcard | Description | Example | Matches ----|---|---|--- -\* | Matches any number of any characters including none | `/var/\*/\*.log` | `/var/log/system.log` -? | Matches any single character | `file?.log` | `file1.log`
`file2.log` +Wildcard | Description | Example | Matches | Does not match +---|---|---|---|--- +\* | Matches any number of any characters including none (note that when this is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` +? | Matches any single character | `file?.log` | `file1.log`
`file2.log` | `file123.log` ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index cdb95e6464..4e65c42654 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md @@ -48,10 +48,10 @@ Process | A specific process (specified either by the full path or file name) an File, folder, and process exclusions support the following wildcards: -Wildcard | Description | Example | Matches ----|---|---|--- -\* | Matches any number of any characters including none | `/var/\*/\*.log` | `/var/log/system.log` -? | Matches any single character | `file?.log` | `file1.log`
`file2.log` +Wildcard | Description | Example | Matches | Does not match +---|---|---|---|--- +\* | Matches any number of any characters including none (note that when this is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` +? | Matches any single character | `file?.log` | `file1.log`
`file2.log` | `file123.log` ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index fbf351fb3e..40f7391213 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -28,8 +28,10 @@ ms.topic: conceptual ## 101.00.31 +- Improved [product onboarding experience for Intune users](https://docs.microsoft.com/en-us/mem/intune/apps/apps-advanced-threat-protection-macos) - Antivirus [exclusions now support wildcards](mac-exclusions.md#supported-exclusion-types) - Added the ability to trigger antivirus scans from the macOS contextual menu. You can now right-click a file or a folder in Finder and select **Scan with Microsoft Defender ATP** +- In-place product downgrades are now explictily disallowed by the installer. If you need to downgrade, first uninstall the existing version and reconfigure your device - Other performance improvements & bug fixes ## 100.90.27 From e2d132d8d1b8e998daa09b064f34b604a8e0b3df Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 11 Jun 2020 16:27:54 -0700 Subject: [PATCH 3/5] Updates --- .../microsoft-defender-atp/linux-exclusions.md | 2 +- .../threat-protection/microsoft-defender-atp/mac-exclusions.md | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md index b35f7ae596..5d04bf7089 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-exclusions.md @@ -50,7 +50,7 @@ File, folder, and process exclusions support the following wildcards: Wildcard | Description | Example | Matches | Does not match ---|---|---|---|--- -\* | Matches any number of any characters including none (note that when this is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` +\* | Matches any number of any characters including none (note that when this wildcard is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` ? | Matches any single character | `file?.log` | `file1.log`
`file2.log` | `file123.log` ## How to configure the list of exclusions diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md index 4e65c42654..af6fa6157c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-exclusions.md @@ -50,7 +50,7 @@ File, folder, and process exclusions support the following wildcards: Wildcard | Description | Example | Matches | Does not match ---|---|---|---|--- -\* | Matches any number of any characters including none (note that when this is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` +\* | Matches any number of any characters including none (note that when this wildcard is used inside a path it will substitute only one folder) | `/var/\*/\*.log` | `/var/log/system.log` | `/var/log/nested/system.log` ? | Matches any single character | `file?.log` | `file1.log`
`file2.log` | `file123.log` ## How to configure the list of exclusions From 876846d571f557c1ad4e8f7a20d7c123d391431a Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 11 Jun 2020 16:28:55 -0700 Subject: [PATCH 4/5] Typo --- .../threat-protection/microsoft-defender-atp/mac-whatsnew.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index 40f7391213..dba3915c9f 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -31,7 +31,7 @@ ms.topic: conceptual - Improved [product onboarding experience for Intune users](https://docs.microsoft.com/en-us/mem/intune/apps/apps-advanced-threat-protection-macos) - Antivirus [exclusions now support wildcards](mac-exclusions.md#supported-exclusion-types) - Added the ability to trigger antivirus scans from the macOS contextual menu. You can now right-click a file or a folder in Finder and select **Scan with Microsoft Defender ATP** -- In-place product downgrades are now explictily disallowed by the installer. If you need to downgrade, first uninstall the existing version and reconfigure your device +- In-place product downgrades are now explicitly disallowed by the installer. If you need to downgrade, first uninstall the existing version and reconfigure your device - Other performance improvements & bug fixes ## 100.90.27 From aebf0bc809eafe738528da97fb3e8165ee39932b Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Thu, 11 Jun 2020 16:38:33 -0700 Subject: [PATCH 5/5] Remove locale from URL to Intune --- .../threat-protection/microsoft-defender-atp/mac-whatsnew.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index dba3915c9f..b1deb73638 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -28,7 +28,7 @@ ms.topic: conceptual ## 101.00.31 -- Improved [product onboarding experience for Intune users](https://docs.microsoft.com/en-us/mem/intune/apps/apps-advanced-threat-protection-macos) +- Improved [product onboarding experience for Intune users](https://docs.microsoft.com/mem/intune/apps/apps-advanced-threat-protection-macos) - Antivirus [exclusions now support wildcards](mac-exclusions.md#supported-exclusion-types) - Added the ability to trigger antivirus scans from the macOS contextual menu. You can now right-click a file or a folder in Finder and select **Scan with Microsoft Defender ATP** - In-place product downgrades are now explicitly disallowed by the installer. If you need to downgrade, first uninstall the existing version and reconfigure your device