From 3525a4909ed210ef009b3bf95b15dc98c5575fac Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Mon, 8 Mar 2021 15:05:31 -0800 Subject: [PATCH 1/5] Add release notes for macOS & Linux --- .../microsoft-defender-atp/linux-whatsnew.md | 5 +++++ .../microsoft-defender-atp/mac-install-with-intune.md | 2 +- .../microsoft-defender-atp/mac-whatsnew.md | 6 +++++- .../microsoft-defender-atp/microsoft-defender-atp-mac.md | 6 +++--- .../microsoft-defender-atp/tvm-supported-os.md | 2 +- 5 files changed, 15 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md index 99d7be60b1..523c259b6a 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md @@ -24,6 +24,11 @@ ms.technology: mde [!INCLUDE [Microsoft 365 Defender rebranding](../../includes/microsoft-defender.md)] +## 101.23.64 (30.121021.12364.0) + +- Performance improvement for the situation where an entire mount point is added to the antivirus exclusion list. Prior to this version, file activity originating from the mount point was still processed by the product. Starting with this version, file activity for excluded mount points is suppressed, leading to better product performance +- Other performance improvements & bug fixes + ## 101.18.53 - EDR for Linux is now [generally available](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/edr-for-linux-is-now-is-generally-available/ba-p/2048539) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md index e0cb7de973..7cf00263a8 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md @@ -217,7 +217,7 @@ Once the Intune changes are propagated to the enrolled devices, you can see them 4. Select **Configure** and add the required information. -5. Use **macOS High Sierra 10.13** as the minimum OS. +5. Use **macOS High Sierra 10.14** as the minimum OS. 6. Set *Ignore app version* to **Yes**. Other settings can be any arbitrary value. diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md index 73179f83a8..1cf192b70b 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-whatsnew.md @@ -34,7 +34,11 @@ ms.technology: mde > On macOS 11 (Big Sur), Microsoft Defender for Endpoint requires additional configuration profiles. If you are an existing customer upgrading from earlier versions of macOS, make sure to deploy the additional configuration profiles listed on [this page](mac-sysext-policies.md). > [!IMPORTANT] -> Support for macOS 10.13 (High Sierra) will be discontinued on February 15th, 2021. +> Support for macOS 10.13 (High Sierra) has been discontinued on February 15th, 2021. + +## 101.22.79 (20.121012.12279.0) + +- Performance improvements & bug fixes ## 101.19.88 (20.121011.11988.0) diff --git a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md index 5d914f0a39..7e24e9a018 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md +++ b/windows/security/threat-protection/microsoft-defender-atp/microsoft-defender-atp-mac.md @@ -2,7 +2,7 @@ title: Microsoft Defender ATP for Mac ms.reviewer: description: Learn how to install, configure, update, and use Microsoft Defender for Endpoint for Mac. -keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, catalina, mojave, high sierra +keywords: microsoft, defender, atp, mac, installation, deploy, uninstallation, intune, jamf, macos, big sur, catalina, mojave search.product: eADQiWindows 10XVcnh search.appverid: met150 ms.prod: m365-security @@ -75,9 +75,9 @@ The three most recent major releases of macOS are supported. > On macOS 11 (Big Sur), Microsoft Defender for Endpoint requires additional configuration profiles. If you are an existing customer upgrading from earlier versions of macOS, make sure to deploy the additional configuration profiles listed on [New configuration profiles for macOS Catalina and newer versions of macOS](mac-sysext-policies.md). > [!IMPORTANT] -> Support for macOS 10.13 (High Sierra) will be discontinued on February 15th, 2021. +> Support for macOS 10.13 (High Sierra) has been discontinued on February 15th, 2021. -- 11 (Big Sur), 10.15 (Catalina), 10.14 (Mojave), 10.13 (High Sierra) +- 11 (Big Sur), 10.15 (Catalina), 10.14 (Mojave) - Disk space: 1GB Beta versions of macOS are not supported. diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md index e56be4f333..1761564e93 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md @@ -46,7 +46,7 @@ Windows Server 2008 R2 | Operating System (OS) vulnerabilities
Software prod Windows Server 2012 R2 | Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment Windows Server 2016 | Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment Windows Server 2019 | Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment -macOS 10.13 "High Sierra" and above | Operating System (OS) vulnerabilities
Software product vulnerabilities +macOS 10.14 "High Sierra" and above | Operating System (OS) vulnerabilities
Software product vulnerabilities Linux | Not supported (planned) ## Related articles From 26f4c77dc05fb61c0f82d7a087c9e79ee5bbe346 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Mon, 8 Mar 2021 16:03:09 -0800 Subject: [PATCH 2/5] Feedback --- .../microsoft-defender-atp/tvm-supported-os.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md index 1761564e93..7ffcd068a5 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-supported-os.md @@ -46,7 +46,7 @@ Windows Server 2008 R2 | Operating System (OS) vulnerabilities
Software prod Windows Server 2012 R2 | Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment Windows Server 2016 | Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment Windows Server 2019 | Operating System (OS) vulnerabilities
Software product vulnerabilities
Operating System (OS) configuration assessment
Security controls configuration assessment
Software product configuration assessment -macOS 10.14 "High Sierra" and above | Operating System (OS) vulnerabilities
Software product vulnerabilities +macOS 10.14 "Mojave" and above | Operating System (OS) vulnerabilities
Software product vulnerabilities Linux | Not supported (planned) ## Related articles From c623897e3fac600cdeb438aa90eac0fa1e2e3359 Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Mon, 8 Mar 2021 16:14:02 -0800 Subject: [PATCH 3/5] Add info on update to command-line tool --- .../threat-protection/microsoft-defender-atp/linux-whatsnew.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md index 523c259b6a..8d4408acca 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md @@ -27,6 +27,7 @@ ms.technology: mde ## 101.23.64 (30.121021.12364.0) - Performance improvement for the situation where an entire mount point is added to the antivirus exclusion list. Prior to this version, file activity originating from the mount point was still processed by the product. Starting with this version, file activity for excluded mount points is suppressed, leading to better product performance +- Added a new option to the command-line tool to view information about the last on-demand scan. The command for this is `mdatp health --details antivirus` - Other performance improvements & bug fixes ## 101.18.53 From 6f08b65a3572cb572c512623d0f40dcbddadb59d Mon Sep 17 00:00:00 2001 From: Tudor Dobrila Date: Mon, 8 Mar 2021 16:22:27 -0800 Subject: [PATCH 4/5] Update wording --- .../threat-protection/microsoft-defender-atp/linux-whatsnew.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md index 8d4408acca..0abeffb96c 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md +++ b/windows/security/threat-protection/microsoft-defender-atp/linux-whatsnew.md @@ -27,7 +27,7 @@ ms.technology: mde ## 101.23.64 (30.121021.12364.0) - Performance improvement for the situation where an entire mount point is added to the antivirus exclusion list. Prior to this version, file activity originating from the mount point was still processed by the product. Starting with this version, file activity for excluded mount points is suppressed, leading to better product performance -- Added a new option to the command-line tool to view information about the last on-demand scan. The command for this is `mdatp health --details antivirus` +- Added a new option to the command-line tool to view information about the last on-demand scan. To view information about the last on-demand scan, run `mdatp health --details antivirus` - Other performance improvements & bug fixes ## 101.18.53 From 8c9d13a7aaeed590abc6c297b6d0f7d57b8bffc4 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Mon, 8 Mar 2021 16:56:51 -0800 Subject: [PATCH 5/5] Made duplicated alt text unique to resolve build warnings. Corrected markup of UI text. --- .../mac-install-with-intune.md | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md index 7cf00263a8..e2ad0838d0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md +++ b/windows/security/threat-protection/microsoft-defender-atp/mac-install-with-intune.md @@ -155,9 +155,9 @@ To approve the system extensions: 2. Choose a name for the profile. Change **Platform=macOS** to **Profile type=Extensions**. Select **Create**. -3. In the `Basics` tab, give a name to this new profile. +3. In the **Basics** tab, give a name to this new profile. -4. In the `Configuration settings` tab, add the following entries in the `Allowed system extensions` section: +4. In the **Configuration settings** tab, add the following entries in the **Allowed system extensions** section: Bundle identifier | Team identifier --------------------------|---------------- @@ -165,9 +165,9 @@ To approve the system extensions: com.microsoft.wdav.netext | UBF8T346G9 > [!div class="mx-imgBorder"] - > ![System configuration profiles screenshot](images/mac-system-extension-intune2.png) + > ![System extension settings in Configuration settings on the Basics tab](images/mac-system-extension-intune2.png) -5. In the `Assignments` tab, assign this profile to **All Users & All devices**. +5. In the **Assignments** tab, assign this profile to **All Users & All devices**. 6. Review and create this configuration profile. @@ -181,7 +181,7 @@ To approve the system extensions: 4. Select **OK**. - ![System configuration profiles screenshot](../microsoft-defender-antivirus/images/MDATP-6-SystemConfigurationProfiles.png) + ![Import a configuration from a file for Custom Configuration Profile](../microsoft-defender-antivirus/images/MDATP-6-SystemConfigurationProfiles.png) 5. Select **Manage** > **Assignments**. In the **Include** tab, select **Assign to All Users & All devices**. @@ -205,7 +205,7 @@ To approve the system extensions: Once the Intune changes are propagated to the enrolled devices, you can see them listed under **Monitor** > **Device status**: > [!div class="mx-imgBorder"] -> ![System configuration profiles screenshot](../microsoft-defender-antivirus/images/MDATP-7-DeviceStatusBlade.png) +> ![View of Device Status in Monitor](../microsoft-defender-antivirus/images/MDATP-7-DeviceStatusBlade.png) ## Publish application @@ -227,12 +227,12 @@ Once the Intune changes are propagated to the enrolled devices, you can see them > If the version uploaded by Intune is lower than the version on the device, then the lower version will be installed, effectively downgrading Microsoft Defender for Endpoint. This could result in a non-functioning application. See [Deploy updates for Microsoft Defender for Endpoint for Mac](mac-updates.md) for additional information about how the product is updated. If you deployed Microsoft Defender for Endpoint with *Ignore app version* set to **No**, please change it to **Yes**. If Microsoft Defender for Endpoint still cannot be installed on a client device, then uninstall Microsoft Defender for Endpoint and push the updated policy. > [!div class="mx-imgBorder"] - > ![Device status blade screenshot](../microsoft-defender-antivirus/images/MDATP-8-IntuneAppInfo.png) + > ![Display of App information in App add](../microsoft-defender-antivirus/images/MDATP-8-IntuneAppInfo.png) 7. Select **OK** and **Add**. > [!div class="mx-imgBorder"] - > ![Device status blade screenshot](../microsoft-defender-antivirus/images/MDATP-9-IntunePkgInfo.png) + > ![Device status shown in Notifications window](../microsoft-defender-antivirus/images/MDATP-9-IntunePkgInfo.png) 8. It may take a few moments to upload the package. After it's done, select the package from the list and go to **Assignments** and **Add group**.