From ccfcf4c8853afe12b8dd157fe72ebe4e3d5542d0 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:00:58 -0700 Subject: [PATCH 01/16] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...nges-to-security-settings-with-tamper-protection.md | 10 ++++------ 1 file changed, 4 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index 5ba3f228c0..accb73651d 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -46,9 +46,9 @@ Tamper Protection doesn't prevent you from viewing your security settings. And, ### What do you want to do? -[Turn Tamper Protection on (or off) for an individual machine](#turn-tamper-protection-on-or-off-for-an-individual-machine) +[Turn Tamper Protection on (or off) for an individual machine using Windows Security](#turn-tamper-protection-on-or-off-for-an-individual-machine) -[Turn Tamper Protection on (or off) for your organization with Intune (Preview)](#turn-tamper-protection-on-or-off-for-your-organization-with-intune) +[Turn Tamper Protection on (or off) for your organization using Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune) ## Turn Tamper Protection on (or off) for an individual machine @@ -68,11 +68,9 @@ If you are a home user, or you are not subject to settings managed by a security > Once you’ve made this update, Tamper Protection will continue to protect your registry settings, and will also log attempts to modify them without returning errors. -## Turn Tamper Protection on (or off) for your organization with Intune +## Turn Tamper Protection on (or off) for your organization using Intune -If you are part of your organization's security team, the ability to turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune) is now in preview. "In preview" means this feature is rolling out to business customers who have [Microsoft Defender ATP](../microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md) and who have agreed to participate in the preview program. As a preview feature, the following applies: - -*Some information in this section relates to prereleased product that might be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.* +If you are part of your organization's security team, you can turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune). (This feature is rolling out now; if you don't have it yet, you should very soon, assuming your organization has [Microsoft Defender ATP](../microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md) and that you meet the prerequisites listed below.) You must have appropriate [permissions](../microsoft-defender-atp/assign-portal-access.md), such as global admin, security admin, or security operations, to perform the following task. From 59ca5ce7ed22f02700088e0de33c266e1b31c0a3 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:28:12 -0700 Subject: [PATCH 02/16] tamper protect is going GA --- .../threat-protection/microsoft-defender-atp/preview.md | 2 -- .../whats-new-in-microsoft-defender-atp.md | 3 +++ 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md index a3780835a9..692f8cc37b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md @@ -46,8 +46,6 @@ The following features are included in the preview release: - [API Explorer](api-explorer.md)
The API explorer makes it easy to construct and perform API queries, test and send requests for any available Microsoft Defender ATP API endpoint. -- [Tamper Protection settings in Intune](../windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md#turn-tamper-protection-on-or-off-for-your-organization-with-intune)
You can now turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune). - - [Microsoft Threat Experts - Experts on Demand](microsoft-threat-experts.md)
You now have the option to consult with Microsoft Threat Experts from several places in the portal to help you in the context of your investigation. - [Indicators for IP addresses, URLs/Domains](manage-indicators.md)
You can now allow or block URLs/domains using your own threat intelligence. diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md index f8f068cd50..ab3f057835 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md @@ -30,6 +30,9 @@ For more information preview features, see [Preview features](https://docs.micro ## September 2019 + +- [Tamper Protection settings in Intune](../windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md#turn-tamper-protection-on-or-off-for-your-organization-with-intune)
You can now turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune). + - [Live response](live-response.md)
Get instantaneous access to a machine using a remote shell connection. Do in-depth investigative work and take immediate response actions to promptly contain identified threats - real-time. - [Evaluation lab](evaluation-lab.md)
The Microsoft Defender ATP evaluation lab is designed to eliminate the complexities of machine and environment configuration so that you can From 1b077f67647fddde9538ab6f203df81dc9cfcdc0 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:42:17 -0700 Subject: [PATCH 03/16] Update whats-new-in-microsoft-defender-atp.md --- .../whats-new-in-microsoft-defender-atp.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md index ab3f057835..871d20ad03 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md @@ -25,7 +25,6 @@ ms.topic: conceptual The following features are generally available (GA) in the latest release of Microsoft Defender ATP as well as security features in Windows 10 and Windows Server. - For more information preview features, see [Preview features](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-windows-defender-advanced-threat-protection). From d4b75fc850b564a8c50f3fcdb856ac2be25c2dff Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:45:58 -0700 Subject: [PATCH 04/16] Update configure-endpoints-non-windows.md --- .../configure-endpoints-non-windows.md | 8 ++------ 1 file changed, 2 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md index 7da16a125c..82211561cf 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md +++ b/windows/security/threat-protection/microsoft-defender-atp/configure-endpoints-non-windows.md @@ -1,6 +1,6 @@ --- title: Onboard non-Windows machines to the Microsoft Defender ATP service -description: Configure non-Winodws machines so that they can send sensor data to the Microsoft Defender ATP service. +description: Configure non-Windows machines so that they can send sensor data to the Microsoft Defender ATP service. keywords: onboard non-Windows machines, macos, linux, machine management, configure Windows ATP machines, configure Microsoft Defender Advanced Threat Protection machines search.product: eADQiWindows 10XVcnh search.appverid: met150 @@ -8,7 +8,7 @@ ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security -ms.author macaparas +ms.author: macaparas author: mjcaparas ms.localizationpriority: medium manager: dansimp @@ -27,14 +27,10 @@ ms.topic: article >Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp?ocid=docs-wdatp-nonwindows-abovefoldlink) - - Microsoft Defender ATP provides a centralized security operations experience for Windows as well as non-Windows platforms. You'll be able to see alerts from various supported operating systems (OS) in Microsoft Defender Security Center and better protect your organization's network. You'll need to know the exact Linux distros and macOS versions that are compatible with Microsoft Defender ATP for the integration to work. - - ## Onboarding non-Windows machines You'll need to take the following steps to onboard non-Windows machines: 1. Select your preferred method of onboarding: From 01acaf46bb4ce8412732ea8640fe659ddcd55025 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:46:45 -0700 Subject: [PATCH 05/16] Update whats-new-in-microsoft-defender-atp.md --- .../whats-new-in-microsoft-defender-atp.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md index 871d20ad03..be3d95c1f3 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md +++ b/windows/security/threat-protection/microsoft-defender-atp/whats-new-in-microsoft-defender-atp.md @@ -30,7 +30,7 @@ For more information preview features, see [Preview features](https://docs.micro ## September 2019 -- [Tamper Protection settings in Intune](../windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md#turn-tamper-protection-on-or-off-for-your-organization-with-intune)
You can now turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune). +- [Tamper Protection settings using Intune](../windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md#turn-tamper-protection-on-or-off-for-your-organization-using-intune)
You can now turn Tamper Protection on (or off) for your organization in the Microsoft 365 Device Management portal (Intune). - [Live response](live-response.md)
Get instantaneous access to a machine using a remote shell connection. Do in-depth investigative work and take immediate response actions to promptly contain identified threats - real-time. From 97b6ef20fcd5178f31ee845269684a5bb3951ca0 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:47:31 -0700 Subject: [PATCH 06/16] Update prevent-changes-to-security-settings-with-tamper-protection.md --- ...event-changes-to-security-settings-with-tamper-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md index accb73651d..0a78bbd6af 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md +++ b/windows/security/threat-protection/windows-defender-antivirus/prevent-changes-to-security-settings-with-tamper-protection.md @@ -116,7 +116,7 @@ Tamper Protection will not have any impact on such devices. If you are a home user, see [Turn Tamper Protection on (or off) for an individual machine](#turn-tamper-protection-on-or-off-for-an-individual-machine). -If you are an organization using [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), you should be able to manage Tamper Protection in Intune similar to how you manage other endpoint protection features. See [Turn Tamper Protection on (or off) for your organization with Intune](#turn-tamper-protection-on-or-off-for-your-organization-with-intune). +If you are an organization using [Microsoft Defender Advanced Threat Protection E5](https://www.microsoft.com/microsoft-365/windows/microsoft-defender-atp), you should be able to manage Tamper Protection in Intune similar to how you manage other endpoint protection features. See [Turn Tamper Protection on (or off) for your organization using Intune](#turn-tamper-protection-on-or-off-for-your-organization-using-intune). ### How does configuring Tamper Protection in Intune affect how I manage Windows Defender through my group policy? From 08fe226a40306be9359ba949c4c85253992cfd7f Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:49:29 -0700 Subject: [PATCH 07/16] Update about-app-v-package-accelerators--app-v-46-sp1-.md --- .../about-app-v-package-accelerators--app-v-46-sp1-.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md b/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md index e162df6f9b..638fd0e895 100644 --- a/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md +++ b/mdop/appv-v4/about-app-v-package-accelerators--app-v-46-sp1-.md @@ -1,11 +1,11 @@ --- title: About App-V Package Accelerators (App-V 4.6 SP1) description: About App-V Package Accelerators (App-V 4.6 SP1) -author: dansimp +author: manikadhiman ms.assetid: fc2d2375-8f17-4a6d-b374-771cb947cb8c ms.reviewer: manager: dansimp -ms.author: manikadhiman +ms.author: v-madhi ms.pagetype: mdop, appcompat, virtualization ms.mktglfcycl: deploy ms.sitesec: library From af674fded79850722eefc8065d5d8c9d10052687 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:51:19 -0700 Subject: [PATCH 08/16] Update how-to-revert-extension-points-from-an-app-v-50-package-to-an-app-v-46-package-for-all-users-on-a-specific-computer.md --- ...-an-app-v-46-package-for-all-users-on-a-specific-computer.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mdop/appv-v5/how-to-revert-extension-points-from-an-app-v-50-package-to-an-app-v-46-package-for-all-users-on-a-specific-computer.md b/mdop/appv-v5/how-to-revert-extension-points-from-an-app-v-50-package-to-an-app-v-46-package-for-all-users-on-a-specific-computer.md index d154228918..d8bed1b729 100644 --- a/mdop/appv-v5/how-to-revert-extension-points-from-an-app-v-50-package-to-an-app-v-46-package-for-all-users-on-a-specific-computer.md +++ b/mdop/appv-v5/how-to-revert-extension-points-from-an-app-v-50-package-to-an-app-v-46-package-for-all-users-on-a-specific-computer.md @@ -1,5 +1,5 @@ --- -title: How to Revert Extension Points from an App-V 5.0 Package to an App-V 4.6 Package For All Users on a Specific Computer +title: "How to Revert Extension Points from an App-V 5.0 Package to an App-V 4.6 Package For All Users on a Specific Computer" description: How to Revert Extension Points from an App-V 5.0 Package to an App-V 4.6 Package For All Users on a Specific Computer ms.assetid: 2a43ca1b-6847-4dd1-ade2-336ac4ac6af0 ms.reviewer: From 07007dce5d5fefd183510fcaf8d49c44a20673b4 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:55:22 -0700 Subject: [PATCH 09/16] fixing build report errors --- .../level-1-enterprise-basic-security.md | 2 +- .../level-2-enterprise-enhanced-security.md | 2 +- .../level-3-enterprise-high-security.md | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md b/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md index fe043e036b..bd4027cdd4 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md @@ -5,7 +5,7 @@ keywords: virtualization, security, malware ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium -ms.author: appcompatguy +ms.author: cjacks author: appcompatguy manager: dansimp audience: ITPro diff --git a/windows/security/threat-protection/windows-security-configuration-framework/level-2-enterprise-enhanced-security.md b/windows/security/threat-protection/windows-security-configuration-framework/level-2-enterprise-enhanced-security.md index 3671675351..f66320e362 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/level-2-enterprise-enhanced-security.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/level-2-enterprise-enhanced-security.md @@ -5,7 +5,7 @@ keywords: virtualization, security, malware ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium -ms.author: appcompatguy +ms.author: cjacks author: appcompatguy manager: dansimp audience: ITPro diff --git a/windows/security/threat-protection/windows-security-configuration-framework/level-3-enterprise-high-security.md b/windows/security/threat-protection/windows-security-configuration-framework/level-3-enterprise-high-security.md index d1673ce03b..640af6ba59 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/level-3-enterprise-high-security.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/level-3-enterprise-high-security.md @@ -5,7 +5,7 @@ keywords: virtualization, security, malware ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium -ms.author: appcompatguy +ms.author: cjacks author: appcompatguy manager: dansimp audience: ITPro From 324fbbf22ec13cc9f42e3e88cfc382116a4f5d71 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:57:51 -0700 Subject: [PATCH 10/16] Update create-path-based-rules.md --- .../create-path-based-rules.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md b/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md index babbce2e0b..44a9846b76 100644 --- a/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md +++ b/windows/security/threat-protection/windows-defender-application-control/create-path-based-rules.md @@ -7,6 +7,7 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: mdsakibMSFT +ms.author: mdsakib ms.date: 05/17/2019 --- From cfd37751a28f39fb098a38e7e017923de453def7 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:58:19 -0700 Subject: [PATCH 11/16] Update deploy-multiple-windows-defender-application-control-policies.md --- ...loy-multiple-windows-defender-application-control-policies.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md index 40326f9ba8..d192ac21a9 100644 --- a/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/deploy-multiple-windows-defender-application-control-policies.md @@ -7,6 +7,7 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: mdsakibMSFT +ms.author: mdsakib ms.date: 05/17/2019 --- From b5469ed6f19f518d193aa2c9b72e35910417ff40 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 15:59:47 -0700 Subject: [PATCH 12/16] Update use-a-reference-computer-to-create-and-maintain-applocker-policies.md --- ...nce-computer-to-create-and-maintain-applocker-policies.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md b/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md index adf5eb6279..bf87000f78 100644 --- a/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md +++ b/windows/security/threat-protection/windows-defender-application-control/applocker/use-a-reference-computer-to-create-and-maintain-applocker-policies.md @@ -1,9 +1,6 @@ -ms.assetid: 10c3597f-f44c-4c8e-8fe5-105d4ac016a6 -ms.reviewer: --- title: Use a reference device to create and maintain AppLocker policies (Windows 10) description: This topic for the IT professional describes the steps to create and maintain AppLocker policies by using a reference computer. - ms.author: macapara ms.prod: w10 ms.mktglfcycl: deploy @@ -16,6 +13,8 @@ audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual ms.date: 09/21/2017 +ms.assetid: 10c3597f-f44c-4c8e-8fe5-105d4ac016a6 +ms.reviewer: --- # Use a reference device to create and maintain AppLocker policies From 6801774bc1c7c3b9648850037bcb57504d008846 Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 16:01:29 -0700 Subject: [PATCH 13/16] Update allow-com-object-registration-in-windows-defender-application-control-policy.md --- ...egistration-in-windows-defender-application-control-policy.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md index 785d80cbcc..c0e0200d21 100644 --- a/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md +++ b/windows/security/threat-protection/windows-defender-application-control/allow-com-object-registration-in-windows-defender-application-control-policy.md @@ -7,6 +7,7 @@ ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium author: mdsakibMSFT +ms.author: mdsakib ms.date: 05/21/2019 --- From 4ccb84c22303b678964aab09cf3ac71346fc44fe Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 16:03:06 -0700 Subject: [PATCH 14/16] Update user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md --- ...levation-prompt-for-administrators-in-admin-approval-mode.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md index acd0f63ec6..9576d05d77 100644 --- a/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md +++ b/windows/security/threat-protection/security-policy-settings/user-account-control-behavior-of-the-elevation-prompt-for-administrators-in-admin-approval-mode.md @@ -4,7 +4,7 @@ description: Describes the best practices, location, values, policy management a ms.assetid: 46a3c3a2-1d2e-4a6f-b5e6-29f9592f535d ms.reviewer: ms.author: dansimp -ms.prod: ws10 +ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security From 56c31a35cab96e0d5d7fbdd79a60abd5a8735bed Mon Sep 17 00:00:00 2001 From: denisebmsft Date: Tue, 24 Sep 2019 16:04:24 -0700 Subject: [PATCH 15/16] Update tvm-dashboard-insights.md --- .../microsoft-defender-atp/tvm-dashboard-insights.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md index b6571426ba..1704845ac8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-dashboard-insights.md @@ -4,6 +4,7 @@ description: What's in the Threat & Vulnerability Management dashboard and how i keywords: mdatp-tvm, mdatp-tvm dashboard, threat & vulnerability management, risk-based threat & vulnerability management, security configuration, configuration score, exposure score search.appverid: met150 search.product: eADQiWindows 10XVcnh +ms.prod: w10 ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security From 3bc7c1b5545275194f055b83c21e3dafc3628cc4 Mon Sep 17 00:00:00 2001 From: Raaj Baskaran Date: Thu, 26 Sep 2019 16:39:41 -0500 Subject: [PATCH 16/16] fixed typo --- .../level-1-enterprise-basic-security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md b/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md index bd4027cdd4..87a52c4dd8 100644 --- a/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md +++ b/windows/security/threat-protection/windows-security-configuration-framework/level-1-enterprise-basic-security.md @@ -177,7 +177,7 @@ Microsoft recommends using [the rings methodology](https://docs.microsoft.com/wi | Network / Network Connections | Prohibit use of Internet Connection Sharing on your DNS domain network | Enabled | Determines whether administrators can enable and configure the Internet Connection Sharing (ICS) feature of an Internet connection and if the ICS service can run on the computer. | | Network / Network Provider | Hardened UNC Paths | \\\\\*\\SYSVOL and \\\\\*\\NETLOGON RequireMutualAuthentication = 1, RequireIntegrity = 1 | This policy setting configures secure access to UNC paths. If you enable this policy, Windows only allows access to the specified UNC paths after fulfilling additional security requirements. | | Network / Windows Connection Manager | Prohibit connection to non-domain networks when connected to domain authenticated network | Enabled | This policy setting prevents computers from connecting to both a domain-based network and a non-domain-based network at the same time. | -| System / Credentials Delegation | Encryption Oracle Remediation | Force Updated Clients | Enryption Oracle Remediation | +| System / Credentials Delegation | Encryption Oracle Remediation | Force Updated Clients | Encryption Oracle Remediation | | System / Credentials Delegation | Remote host allows delegation of non-exportable credentials | Enabled | When using credential delegation, devices provide an exportable version of credentials to the remote host. This exposes users to the risk of credential theft from attackers on the remote host. If you enable this policy setting, the host supports Restricted Admin or Remote Credential Guard mode. | | System / Device Installation / Device Installation Restrictions | Prevent installation of devices that match any of these device IDs | [[[main setting]]] = Enabled
Also apply to matching devices that are already installed = True
1 = PCI\CC_0C0A | This policy setting allows you to specify a list of Plug and Play hardware IDs and compatible IDs for devices that Windows is prevented from installing. This policy setting takes precedence over any other policy setting that allows Windows to install a device. if you enable this policy setting, Windows is prevented from installing a device whose hardware ID or compatible ID appears in a list that you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server. If you disable or do not configure this policy setting, devices can be installed and updated as allowed or prevented by other policy settings. | | System / Device Installation / Device Installation Restrictions | Prevent installation of devices using drivers that match these device setup classes | [[[main setting]]] = Enabled
Also apply to matching devices that are already installed = True
1 = {d48179be-ec20-11d1-b6b8-00c04fa372a7} | This policy setting allows you to specify a list of device setup class globally unique identifiers (GUIDs) for device drivers that Windows is prevented from installing. This policy setting takes precedence over any other policy setting that allows Windows to install a device. if you enable this policy setting, Windows is prevented from installing or updating device drivers whose device setup class GUIDs appear in the list you create. If you enable this policy setting on a remote desktop server, the policy setting affects redirection of the specified devices from a remote desktop client to the remote desktop server. If you disable or do not configure this policy setting, Windows can install and update devices as allowed or prevented by other policy settings. |