From b7c305640689d6a37179466f439e44825673de61 Mon Sep 17 00:00:00 2001
From: adirdidi <68847945+adirdidi@users.noreply.github.com>
Date: Wed, 10 Mar 2021 20:00:55 +0200
Subject: [PATCH] Update
configure-network-connections-microsoft-defender-antivirus.md
Updating the list of malware submission URLs.
---
...onfigure-network-connections-microsoft-defender-antivirus.md | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md
index cbe48a5472..3e214983d5 100644
--- a/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md
+++ b/windows/security/threat-protection/microsoft-defender-antivirus/configure-network-connections-microsoft-defender-antivirus.md
@@ -60,7 +60,7 @@ The table below lists the services and their associated URLs. Make sure that the
| Microsoft Defender Antivirus cloud-delivered protection service, also referred to as Microsoft Active Protection Service (MAPS)|Used by Microsoft Defender Antivirus to provide cloud-delivered protection|`*.wdcp.microsoft.com`
`*.wdcpalt.microsoft.com`
`*.wd.microsoft.com`|
| Microsoft Update Service (MU)
Windows Update Service (WU)| Security intelligence and product updates |`*.update.microsoft.com`
`*.delivery.mp.microsoft.com`
`*.windowsupdate.com`
For details see [Connection endpoints for Windows Update](https://docs.microsoft.com/windows/privacy/manage-windows-1709-endpoints#windows-update)|
|Security intelligence updates Alternate Download Location (ADL)| Alternate location for Microsoft Defender Antivirus Security intelligence updates if the installed Security intelligence is out of date (7 or more days behind)| `*.download.microsoft.com` `*.download.windowsupdate.com` `https://fe3cr.delivery.mp.microsoft.com/ClientWebService/client.asmx`|
-| Malware submission storage|Upload location for files submitted to Microsoft via the Submission form or automatic sample submission | `ussus1eastprod.blob.core.windows.net`
`ussus1westprod.blob.core.windows.net`
`usseu1northprod.blob.core.windows.net`
`usseu1westprod.blob.core.windows.net`
`ussuk1southprod.blob.core.windows.net`
`ussuk1westprod.blob.core.windows.net`
`ussas1eastprod.blob.core.windows.net`
`ussas1southeastprod.blob.core.windows.net`
`ussau1eastprod.blob.core.windows.net`
`ussau1southeastprod.blob.core.windows.net` |
+| Malware submission storage|Upload location for files submitted to Microsoft via the Submission form or automatic sample submission | `ussus1eastprod.blob.core.windows.net`
`ussus2eastprod.blob.core.windows.net`
`ussus3eastprod.blob.core.windows.net`
`ussus4eastprod.blob.core.windows.net`
`wsus1eastprod.blob.core.windows.net`
`wsus2eastprod.blob.core.windows.net`
`ussus1westprod.blob.core.windows.net`
`ussus2westprod.blob.core.windows.net`
`ussus3westprod.blob.core.windows.net`
`ussus4westprod.blob.core.windows.net`
`wsus1westprod.blob.core.windows.net`
`wsus2westprod.blob.core.windows.net`
`usseu1northprod.blob.core.windows.net`
`wseu1northprod.blob.core.windows.net`
`usseu1westprod.blob.core.windows.net`
`wseu1westprod.blob.core.windows.net`
`ussuk1southprod.blob.core.windows.net`
`wsuk1southprod.blob.core.windows.net`
`ussuk1westprod.blob.core.windows.net`
`wsuk1westprod.blob.core.windows.net` |
| Certificate Revocation List (CRL)|Used by Windows when creating the SSL connection to MAPS for updating the CRL | `http://www.microsoft.com/pkiops/crl/`
`http://www.microsoft.com/pkiops/certs`
`http://crl.microsoft.com/pki/crl/products`
`http://www.microsoft.com/pki/certs` |
| Symbol Store|Used by Microsoft Defender Antivirus to restore certain critical files during remediation flows | `https://msdl.microsoft.com/download/symbols` |
| Universal Telemetry Client| Used by Windows to send client diagnostic data; Microsoft Defender Antivirus uses telemetry for product quality monitoring purposes | The update uses SSL (TCP Port 443) to download manifests and upload diagnostic data to Microsoft that uses the following DNS endpoints: `vortex-win.data.microsoft.com`
`settings-win.data.microsoft.com`|