From 69db224f947442a2d837dde3c8fe1ae617a4443c Mon Sep 17 00:00:00 2001 From: JohnCobb1 Date: Tue, 15 Sep 2020 13:28:07 -0700 Subject: [PATCH 01/21] server privacy settings --- .../configure-windows-diagnostic-data-in-your-organization.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index 332e9f1796..f8be527a21 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md @@ -213,3 +213,5 @@ Use [Policy Configuration Service Provider (CSP)](https://docs.microsoft.com/win ## Limit optional diagnostic data for Desktop Analytics For more information about how to limit the diagnostic data to the minimum required by Desktop Analytics, see [Enable data sharing for Desktop Analytics](https://docs.microsoft.com/mem/configmgr/desktop-analytics/enable-data-sharing). + +## Change privacy settings on a single server From 1dab05af52abadf65c4bf15a9579c1088bbf38a2 Mon Sep 17 00:00:00 2001 From: JohnCobb1 Date: Fri, 18 Sep 2020 15:07:57 -0700 Subject: [PATCH 02/21] added sconfig telemetry setting steps --- ...ws-diagnostic-data-in-your-organization.md | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index f8be527a21..89f2417e05 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md @@ -13,7 +13,7 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 07/21/2020 +ms.date: 09/18/2020 --- # Configure Windows diagnostic data in your organization 
@@ -215,3 +215,20 @@ Use [Policy Configuration Service Provider (CSP)](https://docs.microsoft.com/win For more information about how to limit the diagnostic data to the minimum required by Desktop Analytics, see [Enable data sharing for Desktop Analytics](https://docs.microsoft.com/mem/configmgr/desktop-analytics/enable-data-sharing). ## Change privacy settings on a single server + +Here’s how to change the privacy settings on a server running either Windows Server or Azure Stack HCI. To manage privacy settings in your enterprise as a whole, see [Manage enterprise diagnostic data](configure-windows-diagnostic-data-in-your-organization#manage-enterprise-diagnostic-data). + +If the server has Full Desktop installation option, use the following steps: +1. steps + +If the server uses Server Core, use the following steps: +1. Log on to the server running Azure Stack HCI. + + This could be locally via a keyboard and monitor, or using a remote management (headless or BMC) controller, or Remote Desktop. The Sconfig tool opens automatically when you log on to the server. + +1. On the **Welcome to Azure Stack HCI** screen, at the **Enter a number to select an option:** prompt, type **10** and press Enter. +1. On the **Change Telemetry** confirmation prompt, select **Yes** to display: + + Available Telemetry settings: **1 Security**, **2 Basic**, **3 Enhanced**, **4 Full** + +1. At the **Enter new telemetry setting:** prompt, type the option you want, and then press Enter. From 9545fe17ab5a535ab980ccbbba866d6b461a0388 Mon Sep 17 00:00:00 2001 From: JohnCobb1 Date: Fri, 18 Sep 2020 15:16:34 -0700 Subject: [PATCH 03/21] link fix --- .../configure-windows-diagnostic-data-in-your-organization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index 89f2417e05..2630771e1d 100644 
--- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md @@ -216,7 +216,7 @@ For more information about how to limit the diagnostic data to the minimum requi ## Change privacy settings on a single server -Here’s how to change the privacy settings on a server running either Windows Server or Azure Stack HCI. To manage privacy settings in your enterprise as a whole, see [Manage enterprise diagnostic data](configure-windows-diagnostic-data-in-your-organization#manage-enterprise-diagnostic-data). +Here’s how to change the privacy settings on a server running either Windows Server or Azure Stack HCI. To manage privacy settings in your enterprise as a whole, see [Manage enterprise diagnostic data](https://docs.microsoft.com/windows/privacy/configure-windows-diagnostic-data-in-your-organization#manage-enterprise-diagnostic-data). If the server has Full Desktop installation option, use the following steps: 1. steps From 4bd4b4a8395d256a913507b8e6bea0d05c35bbe4 Mon Sep 17 00:00:00 2001 From: JohnCobb1 Date: Fri, 18 Sep 2020 15:28:18 -0700 Subject: [PATCH 04/21] link fix 2 --- .../configure-windows-diagnostic-data-in-your-organization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index 2630771e1d..c0642867ee 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md 
@@ -216,7 +216,7 @@ For more information about how to limit the diagnostic data to the minimum requi ## Change privacy settings on a single server -Here’s how to change the privacy settings on a server running either Windows Server or Azure Stack HCI. To manage privacy settings in your enterprise as a whole, see [Manage enterprise diagnostic data](https://docs.microsoft.com/windows/privacy/configure-windows-diagnostic-data-in-your-organization#manage-enterprise-diagnostic-data). +Here’s how to change the privacy settings on a server running either Windows Server or Azure Stack HCI. To manage privacy settings in your enterprise as a whole, see [Manage enterprise diagnostic data](#manage-enterprise-diagnostic-data). If the server has Full Desktop installation option, use the following steps: 1. steps From 60a8fba48e7cd4041ab99368e9b4fafaeeca7699 Mon Sep 17 00:00:00 2001 From: JohnCobb1 Date: Tue, 22 Sep 2020 11:31:23 -0700 Subject: [PATCH 05/21] added full desktop install option steps --- ...ws-diagnostic-data-in-your-organization.md | 27 ++++++++++++++----- 1 file changed, 21 insertions(+), 6 deletions(-) diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index c0642867ee..f77fdfb5d4 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md @@ -13,7 +13,7 @@ ms.author: dansimp manager: dansimp ms.collection: M365-security-compliance ms.topic: article -ms.date: 09/18/2020 +ms.date: 09/22/2020 --- # Configure Windows diagnostic data in your organization 
@@ -218,17 +218,32 @@ For more information about how to limit the diagnostic data to the minimum requi Here’s how to change the privacy settings on a server running either Windows Server or Azure Stack HCI. To manage privacy settings in your enterprise as a whole, see [Manage enterprise diagnostic data](#manage-enterprise-diagnostic-data). -If the server has Full Desktop installation option, use the following steps: -1. steps +If the server has the Full Desktop installation option, use the following steps: +1. Connect to the Server Manager Dashboard of the Windows Server. -If the server uses Server Core, use the following steps: + This could be locally via a keyboard and monitor, or using a remote management (headless or BMC) controller, or Remote Desktop. + +1. In Server Manage, under **Dashboard**, select **Local Server**. +1. On the **Properties** page of the server, next to **Feedback & Diagonstics**, select **Settings**. + + On the **Setting** page, the **Feedback frequency** and **Diagnotic and usage data** settings display. + +1. Expand the **Diagnotic and usage data** setting to select one of the following options: + - **Required diagnostic data** + - **Enhanced** + - **Optional diagnostic data** + + >[!NOTE] + > On the **Settings** page, if the notice **Some settings are managed by your organization** displays, then the **Diagnotic and usage data** setting may not be available. + +If the server is running Azure Stack HCI and uses Server Core, use the following steps: 1. Log on to the server running Azure Stack HCI. This could be locally via a keyboard and monitor, or using a remote management (headless or BMC) controller, or Remote Desktop. The Sconfig tool opens automatically when you log on to the server. 1. On the **Welcome to Azure Stack HCI** screen, at the **Enter a number to select an option:** prompt, type **10** and press Enter. -1. On the **Change Telemetry** confirmation prompt, select **Yes** to display: +1. 
On the **Change Telemetry** confirmation prompt, select **Yes** to display the following options: Available Telemetry settings: **1 Security**, **2 Basic**, **3 Enhanced**, **4 Full** -1. At the **Enter new telemetry setting:** prompt, type the option you want, and then press Enter. +1. At the **Enter new telemetry setting:** prompt, type the option you want, and press Enter. From dc8e13f1f8a1bf2b93645053847f6c2dc2fad7dc Mon Sep 17 00:00:00 2001 From: JohnCobb1 Date: Tue, 22 Sep 2020 11:58:42 -0700 Subject: [PATCH 06/21] small edit --- .../configure-windows-diagnostic-data-in-your-organization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index f77fdfb5d4..25a169ffa4 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md @@ -246,4 +246,4 @@ If the server is running Azure Stack HCI and uses Server Core, use the following Available Telemetry settings: **1 Security**, **2 Basic**, **3 Enhanced**, **4 Full** -1. At the **Enter new telemetry setting:** prompt, type the option you want, and press Enter. +1. At the **Enter new telemetry setting:** prompt, type the option you want and press Enter. From f6a961d5cad099f530aac65abc048bdb1ecb0972 Mon Sep 17 00:00:00 2001 From: JohnCobb1 Date: Tue, 22 Sep 2020 15:13:20 -0700 Subject: [PATCH 07/21] defined Sconfig on first reference --- .../configure-windows-diagnostic-data-in-your-organization.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index 25a169ffa4..96d25beaf1 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md 
+++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md @@ -239,7 +239,7 @@ If the server has the Full Desktop installation option, use the following steps: If the server is running Azure Stack HCI and uses Server Core, use the following steps: 1. Log on to the server running Azure Stack HCI. - This could be locally via a keyboard and monitor, or using a remote management (headless or BMC) controller, or Remote Desktop. The Sconfig tool opens automatically when you log on to the server. + This could be locally via a keyboard and monitor, or using a remote management (headless or BMC) controller, or Remote Desktop. The Server Configuration tool (Sconfig) opens automatically when you log on to the server. 1. On the **Welcome to Azure Stack HCI** screen, at the **Enter a number to select an option:** prompt, type **10** and press Enter. 1. On the **Change Telemetry** confirmation prompt, select **Yes** to display the following options: From 13f432c4fba0899f0de09ce990d816908e7957ee Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 22 Sep 2020 16:01:27 -0700 Subject: [PATCH 08/21] Update configure-windows-diagnostic-data-in-your-organization.md minor edits --- ...nfigure-windows-diagnostic-data-in-your-organization.md | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index 96d25beaf1..4a27aed435 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md 
@@ -23,6 +23,7 @@ ms.date: 09/22/2020 - Windows 10 Enterprise - Windows 10 Education - Windows Server 2016 and newer +- Azure Stack HCI, version 20H2 This article applies to Windows 10, Windows Server, Surface Hub, and Hololens diagnostic data only. It describes the types of diagnostic data that’s sent back to Microsoft and the ways you can manage it within your organization. Microsoft uses the data to quickly identify and address issues affecting its customers. @@ -221,9 +222,9 @@ Here’s how to change the privacy settings on a server running either Windows S If the server has the Full Desktop installation option, use the following steps: 1. Connect to the Server Manager Dashboard of the Windows Server. - This could be locally via a keyboard and monitor, or using a remote management (headless or BMC) controller, or Remote Desktop. + This could be locally by using a keyboard and monitor, or using a remote management (headless or BMC) controller, or Remote Desktop. -1. In Server Manage, under **Dashboard**, select **Local Server**. +1. In Server Manager, under **Dashboard**, select **Local Server**. 1. On the **Properties** page of the server, next to **Feedback & Diagonstics**, select **Settings**. On the **Setting** page, the **Feedback frequency** and **Diagnotic and usage data** settings display. @@ -234,7 +235,7 @@ If the server has the Full Desktop installation option, use the following steps: - **Optional diagnostic data** >[!NOTE] - > On the **Settings** page, if the notice **Some settings are managed by your organization** displays, then the **Diagnotic and usage data** setting may not be available. + > On the **Settings** page, if you see the notice **Some settings are managed by your organization**, then the **Diagnotic and usage data** setting may not be available. If the server is running Azure Stack HCI and uses Server Core, use the following steps: 1. Log on to the server running Azure Stack HCI. 
From 36a3ee0657cc703b853a3bc7483c3cdc80678f67 Mon Sep 17 00:00:00 2001 From: JohnCobb1 Date: Tue, 13 Oct 2020 11:14:17 -0700 Subject: [PATCH 09/21] added link to HCI topic on changing privacy settings --- ...ws-diagnostic-data-in-your-organization.md | 31 ++----------------- 1 file changed, 2 insertions(+), 29 deletions(-) diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index 96d25beaf1..6cd9877cc9 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md 
@@ -216,34 +216,7 @@ For more information about how to limit the diagnostic data to the minimum requi ## Change privacy settings on a single server -Here’s how to change the privacy settings on a server running either Windows Server or Azure Stack HCI. To manage privacy settings in your enterprise as a whole, see [Manage enterprise diagnostic data](#manage-enterprise-diagnostic-data). +You can also change the privacy settings on a server running either the Azure Stack HCI operating system or Windows Server. For more information, see [Change privacy settings on individual servers](https://docs.microsoft.com/azure-stack/hci/manage/change-privacy-settings). -If the server has the Full Desktop installation option, use the following steps: -1. Connect to the Server Manager Dashboard of the Windows Server. +To manage privacy settings in your enterprise as a whole, see [Manage enterprise diagnostic data](#manage-enterprise-diagnostic-data). - This could be locally via a keyboard and monitor, or using a remote management (headless or BMC) controller, or Remote Desktop. - -1. In Server Manage, under **Dashboard**, select **Local Server**. -1. On the **Properties** page of the server, next to **Feedback & Diagonstics**, select **Settings**. - - On the **Setting** page, the **Feedback frequency** and **Diagnotic and usage data** settings display. - -1. Expand the **Diagnotic and usage data** setting to select one of the following options: - - **Required diagnostic data** - - **Enhanced** - - **Optional diagnostic data** - - >[!NOTE] - > On the **Settings** page, if the notice **Some settings are managed by your organization** displays, then the **Diagnotic and usage data** setting may not be available. - -If the server is running Azure Stack HCI and uses Server Core, use the following steps: -1. Log on to the server running Azure Stack HCI. - - This could be locally via a keyboard and monitor, or using a remote management (headless or BMC) controller, or Remote Desktop. 
The Server Configuration tool (Sconfig) opens automatically when you log on to the server. - -1. On the **Welcome to Azure Stack HCI** screen, at the **Enter a number to select an option:** prompt, type **10** and press Enter. -1. On the **Change Telemetry** confirmation prompt, select **Yes** to display the following options: - - Available Telemetry settings: **1 Security**, **2 Basic**, **3 Enhanced**, **4 Full** - -1. At the **Enter new telemetry setting:** prompt, type the option you want and press Enter. From 32e1ab2646ee65f0010b5c054584b706f8eb03fe Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 20 Oct 2020 10:43:50 -0700 Subject: [PATCH 10/21] Update configure-windows-diagnostic-data-in-your-organization.md removing applies to as the Azurestack content is in another topic. everything else ok --- .../configure-windows-diagnostic-data-in-your-organization.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index 7fb08fcc3b..fbc030ae94 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md @@ -23,7 +23,6 @@ ms.date: 10/13/2020 - Windows 10 Enterprise - Windows 10 Education - Windows Server 2016 and newer -- Azure Stack HCI, version 20H2 This article applies to Windows 10, Windows Server, Surface Hub, and Hololens diagnostic data only. It describes the types of diagnostic data that’s sent back to Microsoft and the ways you can manage it within your organization. Microsoft uses the data to quickly identify and address issues affecting its customers. From d31f562416bbce9c11068eec18b32ff4e57d3db9 Mon Sep 17 00:00:00 2001 
From: Denise Vangel-MSFT Date: Mon, 26 Oct 2020 14:25:06 -0700 Subject: [PATCH 11/21] Update configuration-management-reference-microsoft-defender-antivirus.md --- ...n-management-reference-microsoft-defender-antivirus.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md index 2287370263..2a0313ec61 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/configuration-management-reference-microsoft-defender-antivirus.md @@ -1,5 +1,5 @@ --- -title: Manage Windows Defender in your business +title: Manage Windows Defender in your business description: Learn how to use Group Policy, Configuration Manager, PowerShell, WMI, Intune, and the command line to manage Microsoft Defender AV keywords: group policy, gpo, config manager, sccm, scep, powershell, wmi, intune, defender, antivirus, antimalware, security, protection search.product: eADQiWindows 10XVcnh @@ -27,12 +27,12 @@ manager: dansimp You can manage and configure Microsoft Defender Antivirus with the following tools: -- Microsoft Intune -- Microsoft Endpoint Configuration Manager +- Microsoft Intune (now part of Microsoft Endpoint Manager) +- Microsoft Endpoint Configuration Manager (now part of Microsoft Endpoint Manager) - Group Policy - PowerShell cmdlets - Windows Management Instrumentation (WMI) -- The mpcmdrun.exe utility +- The Microsoft Malware Protection Command Line Utility (referred to as the *mpcmdrun.exe* utility The articles in this section provide further information, links, and resources for using these tools to manage and configure Microsoft Defender Antivirus. 
From 49589475462c2e4caaea44cc791601fdbf8948d6 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 26 Oct 2020 14:25:56 -0700 Subject: [PATCH 12/21] Update use-intune-config-manager-microsoft-defender-antivirus.md --- .../use-intune-config-manager-microsoft-defender-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md index d52bd64acd..f6341d8889 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md @@ -11,7 +11,7 @@ ms.localizationpriority: medium author: denisebmsft ms.author: deniseb ms.custom: nextgen -ms.date: 09/03/2018 +ms.date: 10/26/2018 ms.reviewer: manager: dansimp --- From aafd647439d22e07479623a8827814e5bbedde1b Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 26 Oct 2020 16:04:23 -0700 Subject: [PATCH 13/21] Update use-intune-config-manager-microsoft-defender-antivirus.md --- ...fig-manager-microsoft-defender-antivirus.md | 18 ++++++++++++++---- 1 file changed, 14 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md index f6341d8889..9b5897d363 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/use-intune-config-manager-microsoft-defender-antivirus.md 
@@ -25,13 +25,23 @@ manager: dansimp - [Microsoft Defender for Endpoint](https://go.microsoft.com/fwlink/p/?linkid=2146631) -If you are using Microsoft Endpoint Configuration Manager or Microsoft Intune to manage the endpoints on your network, you can also use them to manage Microsoft Defender Antivirus scans. +If you were using Microsoft Endpoint Configuration Manager or Microsoft Intune to manage the endpoints on your network, you can now use Microsoft Endpoint Manager to manage Microsoft Defender Antivirus scans. -In some cases, the protection will be labeled as Endpoint Protection, although the engine is the same as that used by Microsoft Defender Antivirus. +1. In the Microsoft Endpoint Manager admin center ([https://endpoint.microsoft.com](https://endpoint.microsoft.com)), navigate to **Endpoint Security**. -See the [Endpoint Protection](https://docs.microsoft.com/sccm/protect/deploy-use/endpoint-protection) library on docs.microsoft.com for information on using Configuration Manager. +2. Under **Manage**, choose **Antivirus**. -For Microsoft Intune, consult the [Microsoft Intune library](https://docs.microsoft.com/intune/introduction-intune) and [Configure device restriction settings in Intune](https://docs.microsoft.com/intune/device-restrictions-configure). +3. Select your Microsoft Defender Antivirus policy. + +4. Under **Manage**, choose **Properties**. + +5. Next to **Configuration settings**, choose **Edit**. + +6. Expand the **Scan** section, and review or edit your scanning settings. + +7. Choose **Review + save** + +Need help? See [Manage endpoint security in Microsoft Intune](https://docs.microsoft.com/mem/intune/protect/endpoint-security). ## Related articles From 1f9feb61918de13b21aeae3b9eb8e26a90b4cd87 Mon Sep 17 00:00:00 2001 
From: Denise Vangel-MSFT Date: Mon, 26 Oct 2020 16:30:20 -0700 Subject: [PATCH 14/21] Update specify-cloud-protection-level-microsoft-defender-antivirus.md --- ...ud-protection-level-microsoft-defender-antivirus.md | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md index da8cab7cff..c19e372d1d 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md @@ -10,7 +10,7 @@ ms.sitesec: library ms.localizationpriority: medium author: denisebmsft ms.author: deniseb -ms.date: 08/12/2020 +ms.date: 10/26/2020 ms.reviewer: manager: dansimp ms.custom: nextgen 
@@ -25,10 +25,12 @@ ms.custom: nextgen - Microsoft Defender Antivirus -You can specify the level of cloud-protection offered by Microsoft Defender Antivirus with Group Policy and Microsoft Endpoint Configuration Manager. +You can specify the level of cloud protection offered by Microsoft Defender Antivirus by using Microsoft Endpoint Manager (recommended) or Group Policy. + +> [!TIP] +> Cloud protection is not simply protection for files that are stored in the cloud. The Microsoft Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and devices (also called endpoints). Cloud protection with Microsoft Defender Antivirus uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional security intelligence updates. +> Microsoft Intune and Microsoft Endpoint Configuration Manager are now part of [Microsoft Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview). ->[!NOTE] ->The Microsoft Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional Security intelligence updates. ## Use Intune to specify the level of cloud-delivered protection From bf9ccd801234e7d7bf5596d0f6b7ee1015392a26 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Mon, 26 Oct 2020 17:13:50 -0700 Subject: [PATCH 15/21] Acrolinx ("Hololens") and standardized vertical spacing --- ...ws-diagnostic-data-in-your-organization.md | 28 ++++++++++++++----- 1 file changed, 21 insertions(+), 7 deletions(-) 
diff --git a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md index fbc030ae94..36baec913b 100644 --- a/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md +++ b/windows/privacy/configure-windows-diagnostic-data-in-your-organization.md @@ -24,7 +24,7 @@ ms.date: 10/13/2020 - Windows 10 Education - Windows Server 2016 and newer -This article applies to Windows 10, Windows Server, Surface Hub, and Hololens diagnostic data only. It describes the types of diagnostic data that’s sent back to Microsoft and the ways you can manage it within your organization. Microsoft uses the data to quickly identify and address issues affecting its customers. +This article applies to Windows 10, Windows Server, Surface Hub, and HoloLens diagnostic data only. It describes the types of diagnostic data that’s sent back to Microsoft and the ways you can manage it within your organization. Microsoft uses the data to quickly identify and address issues affecting its customers. >[!IMPORTANT] >Microsoft is [increasing transparency](https://blogs.microsoft.com/on-the-issues/2019/04/30/increasing-transparency-and-customer-control-over-data/) by categorizing the data we collect as required or optional. Windows 10 is in the process of updating devices to reflect this new categorization, and during this transition Basic diagnostic data will be recategorized as Required diagnostic data and Full diagnostic data will be recategorized as Optional diagnostic data. For more information, see [Changes to Windows diagnostic data](changes-to-windows-diagnostic-data-collection.md). 
@@ -50,7 +50,9 @@ For example, in an earlier version of Windows 10 there was a version of a video Windows diagnostic data also helps Microsoft better understand how customers use (or do not use) the operating system’s features and related services. The insights we gain from this data helps us prioritize our engineering effort to directly impact our customers’ experiences. These examples show how the use of diagnostic data enables Microsoft to build or enhance features which can help organizations increase employee productivity while lowering help desk calls. - **Start menu.** How do people change the Start menu layout? Do they pin other apps to it? Are there any apps that they frequently unpin? We use this dataset to adjust the default Start menu layout to better reflect people’s expectations when they turn on their device for the first time. + - **Cortana.** We use diagnostic data to monitor the scalability of our cloud service, improving search performance. + - **Application switching.** Research and observations from earlier Windows versions showed that people rarely used Alt+Tab to switch between apps. After discussing this with some users, we learned they loved the feature, saying that it would be highly productive, but they did not know about it previously. Based on this, we created the Task View button in Windows 10 to make this feature more discoverable. Later diagnostic data showed significantly higher usage of this feature. ## How Microsoft handles diagnostic data 
@@ -60,8 +62,11 @@ Use the following sections to learn more about how Microsoft handles diagnostic ### Data collection Depending on the diagnostic data settings on the device, diagnostic data can be collected via the following methods: + - Small payloads of structured information referred to as diagnostic data events, managed by the Connected User Experiences and Telemetry component. + - Diagnostic logs for additional troubleshooting, also managed by the Connected User Experience and Telemetry component. + - Crash reporting and crash dumps, managed by [Windows Error Reporting](https://docs.microsoft.com/windows/win32/wer/windows-error-reporting). Later in this document we provide further details about how to control what’s collected and what data can be included in these different types of diagnostic data. @@ -101,7 +106,7 @@ There are four diagnostic data collection settings. Each setting is described in Here’s a summary of the types of data that is included with each setting: -| | **Diagnostic data off (Security)** | **Required (Basic)** | **Enhanced** |**Optional (Full)**| +| | Diagnostic data off (Security) | Required (Basic) | Enhanced | Optional (Full) | | --- | --- | --- | --- | --- | | **Diagnostic data events** | No Windows diagnostic data sent. | Minimum data required to keep the device secure, up to date, and performing as expected. | Additional data about the websites you browse, how Windows and apps are used and how they perform, and device activity. The additional data helps Microsoft to fix and improve products and services for all users. | Additional data about the websites you browse, how Windows and apps are used and how they perform. This data also includes data about device activity, and enhanced error reporting that helps Microsoft to fix and improve products and services for all users.| | **Crash Metadata** | N/A | Yes | Yes | Yes | 
@@ -155,9 +160,13 @@ Required diagnostic data includes: >We’re simplifying your diagnostic data controls by moving from four diagnostic data controls to three: **Diagnostic data off**, **Required**, and **Optional**. making changes to the enhanced diagnostic data level. For more info about this change, see [Changes to Windows diagnostic data](changes-to-windows-diagnostic-data-collection.md). Enhanced diagnostic data includes data about the websites you browse, how Windows and apps are used and how they perform, and device activity. The additional data helps Microsoft to fix and improve products and services for all users. When you choose to send enhanced diagnostic data, required diagnostic data will always be included, and we collect the following additional information: + - Operating system events that help to gain insights into different areas of the operating system, including networking, Hyper-V, Cortana, storage, file system, and other components. + - Operating system app events resulting from Microsoft apps and management tools that were downloaded from the Microsoft Store or pre-installed with Windows or Windows Server, including Server Manager, Photos, Mail, and Microsoft Edge. + - Device-specific events that are specific to certain devices, such as Surface Hub and Microsoft HoloLens. For example, Microsoft HoloLens sends Holographic Processing Unit (HPU)-related events. + - All crash dump types, except for heap dumps and full dumps. For more information about crash dumps, see [Windows Error Reporting](https://docs.microsoft.com/windows/win32/wer/windows-error-reporting). ### Optional diagnostic data 
@@ -165,9 +174,13 @@ Enhanced diagnostic data includes data about the websites you browse, how Window Optional diagnostic data, previously labeled as **Full**, includes more detailed information about your device and its settings, capabilities, and device health. Optional diagnostic data also includes data about the websites you browse, device activity, and enhanced error reporting that helps Microsoft to fix and improve products and services for all users. When you choose to send optional diagnostic data, required diagnostic data will always be included, and we collect the following additional information: - Additional data about the device, connectivity, and configuration, beyond that collected under required diagnostic data. + - Status and logging information about the health of operating system and other system components beyond what is collected under required diagnostic data. + - App activity, such as which programs are launched on a device, how long they run, and how quickly they respond to input. + - Browser activity, including browsing history and search terms, in Microsoft browsers (Microsoft Edge or Internet Explorer). + - Enhanced error reporting, including the memory state of the device when a system or app crash occurs (which may unintentionally contain user content, such as parts of a file you were using when the problem occurred). Crash data is never used for Tailored experiences. >[!Note] 
@@ -198,13 +211,14 @@ Use the appropriate value in the table below when you configure the management p You can use Group Policy to set your organization’s diagnostic data setting: - 1. From the Group Policy Management Console, go to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds**. - 2. Double-click **Allow Telemetry**. +1. From the Group Policy Management Console, go to **Computer Configuration** > **Administrative Templates** > **Windows Components** > **Data Collection and Preview Builds**. ->[!NOTE] -> If devices in your organization are running Windows 10, 1803 and newer, the user can still use Settings to set the diagnostic data setting to a more restrictive value, unless the **Configure diagnostic data opt-in settings user interface** policy is set. +2. Double-click **Allow Telemetry**. - 3. In the **Options** box, choose the setting that you want to configure, and then click **OK**. + > [!NOTE] + > If devices in your organization are running Windows 10, 1803 and newer, the user can still use Settings to set the diagnostic data setting to a more restrictive value, unless the **Configure diagnostic data opt-in settings user interface** policy is set. + +3. In the **Options** box, choose the setting that you want to configure, and then click **OK**. ### Use MDM to manage diagnostic data collection From fd7033fddc212c208b40fdf09b3b4ba70e90d8d3 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Mon, 26 Oct 2020 17:23:11 -0700 Subject: [PATCH 16/21] Update specify-cloud-protection-level-microsoft-defender-antivirus.md --- ...tion-level-microsoft-defender-antivirus.md | 48 +++++++++++-------- 1 file changed, 27 insertions(+), 21 deletions(-) 
diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md index c19e372d1d..3cbd0c3745 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md 
@@ -32,51 +32,57 @@ You can specify the level of cloud protection offered by Microsoft Defender Anti > Microsoft Intune and Microsoft Endpoint Configuration Manager are now part of [Microsoft Endpoint Manager](https://docs.microsoft.com/mem/endpoint-manager-overview). -## Use Intune to specify the level of cloud-delivered protection +## Use Microsoft Endpoint Manager to specify the level of cloud-delivered protection -1. Sign in to the [Azure portal](https://portal.azure.com). -2. Select **All services > Intune**. -3. In the **Intune** pane, select **Device configuration > Profiles**, and then select the **Device restrictions** profile type you want to configure. If you haven't yet created a **Device restrictions** profile type, or if you want to create a new one, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure). -4. Select **Properties**, select **Settings: Configure**, and then select **Microsoft Defender Antivirus**. -5. On the **File Blocking Level** switch, select one of the following: +1. Go to the Microsoft Endpoint Manager admin center ([https://endpoint.microsoft.com](https://endpoint.microsoft.com)) and sign in. + +2. Choose **Endpoint security** > **Antivirus**. + +3. Select an antivirus profile. (If you don't have one yet, you can haven't yet created a **Device restrictions** profile type, or if you want to create a new one, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure). + +4. Select **Properties**. + +5. Next to **Configuration setting**, choose **Edit**. + +6. Expand **Cloud protection**, and then in the **Cloud-delivered protection level** list, select one of the following: 1. **High**: Applies a strong level of detection. - 2. **High +**: Uses the **High** level and applies additional protection measures (may impact client performance). + 2. 
**High plus**: Uses the **High** level and applies additional protection measures (may impact client performance). 3. **Zero tolerance**: Blocks all unknown executables. -8. Click **OK** to exit the **Microsoft Defender Antivirus** settings pane, click **OK** to exit the **Device restrictions** pane, and then click **Save** to save the changes to your **Device restrictions** profile. +8. Choose **Review + save**, and then choose **Save**. -For more information about Intune device profiles, including how to create and configure their settings, see [What are Microsoft Intune device profiles?](https://docs.microsoft.com/intune/device-profiles) +Need some help? See the following resources: +- [Configure Endpoint Protection](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection-configure) +- [Add endpoint protection settings in Intune](https://docs.microsoft.com/mem/intune/protect/endpoint-protection-configure) -## Use Configuration Manager to specify the level of cloud-delivered protection - -See [How to create and deploy antimalware policies: Cloud-protection service](https://docs.microsoft.com/configmgr/protect/deploy-use/endpoint-antimalware-policies#cloud-protection-service) for details on configuring Microsoft Endpoint Configuration Manager (current branch). - ## Use Group Policy to specify the level of cloud-delivered protection 1. On your Group Policy management machine, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx). 2. Right-click the Group Policy Object you want to configure, and then click **Edit**. -3. In the **Group Policy Management Editor** go to **Computer configuration**. +3. In the **Group Policy Management Editor** go to **Computer Configuration** > **Administrative templates**. -4. Click **Administrative templates**. +4. Expand the tree to **Windows Components** > **Microsoft Defender Antivirus** > **MpEngine**. -5. 
Expand the tree to **Windows components > Microsoft Defender Antivirus > MpEngine**. - -6. Double-click the **Select cloud protection level** setting and set it to **Enabled**. Select the level of protection: +5. Double-click the **Select cloud protection level** setting and set it to **Enabled**. Select the level of protection: - **Default blocking level** provides strong detection without increasing the risk of detecting legitimate files. - **Moderate blocking level** provides moderate only for high confidence detections - - **High blocking level** applies a strong level of detection while optimizing client performance (greater chance of false positives). - - **High + blocking level** applies additional protection measures (may impact client performance and increase risk of false positives). + - **High blocking level** applies a strong level of detection while optimizing client performance (but can also give you a greater chance of false positives). + - **High + blocking level** applies additional protection measures (might impact client performance and increase your chance of false positives). - **Zero tolerance blocking level** blocks all unknown executables. > [!WARNING] > While unlikely, setting this switch to **High** or **High +** may cause some legitimate files to be detected (although you will have the option to unblock or dispute that detection). -7. Click **OK**. +6. Click **OK**. +7. Deploy your updated Group Policy Object. See [Group Policy Management Console](https://msdn.microsoft.com/library/ee663280(v=vs.85).aspx) + +> [!TIP] +> Are you using Group Policy Objects on premises? See how they translate in the cloud. [Analyze your on-premises group policy objects using Group Policy analytics in Microsoft Endpoint Manager - Preview](https://docs.microsoft.com/mem/intune/configuration/group-policy-analytics). ## Related articles From bac8e300423faa7e2263dac83069c0f54b3326ec Mon Sep 17 00:00:00 2001 
From: Denise Vangel-MSFT Date: Mon, 26 Oct 2020 17:29:20 -0700 Subject: [PATCH 17/21] Update specify-cloud-protection-level-microsoft-defender-antivirus.md --- ...tion-level-microsoft-defender-antivirus.md | 23 +++++++++---------- 1 file changed, 11 insertions(+), 12 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md index 3cbd0c3745..433c59bb6f 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/specify-cloud-protection-level-microsoft-defender-antivirus.md @@ -1,6 +1,6 @@ --- -title: Specify cloud-delivered protection level in Microsoft Defender Antivirus -description: Set the aggressiveness of cloud-delivered protection in Microsoft Defender Antivirus. +title: Specify the cloud-delivered protection level for Microsoft Defender Antivirus +description: Set your level of cloud-delivered protection for Microsoft Defender Antivirus. keywords: Microsoft Defender Antivirus, antimalware, security, defender, cloud, aggressiveness, protection level search.product: eADQiWindows 10XVcnh ms.pagetype: security 
@@ -25,7 +25,7 @@ ms.custom: nextgen - Microsoft Defender Antivirus -You can specify the level of cloud protection offered by Microsoft Defender Antivirus by using Microsoft Endpoint Manager (recommended) or Group Policy. +You can specify your level of cloud-delivered protection offered by Microsoft Defender Antivirus by using Microsoft Endpoint Manager (recommended) or Group Policy. > [!TIP] > Cloud protection is not simply protection for files that are stored in the cloud. The Microsoft Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and devices (also called endpoints). Cloud protection with Microsoft Defender Antivirus uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional security intelligence updates. 
@@ -38,23 +38,22 @@ You can specify the level of cloud protection offered by Microsoft Defender Anti 2. Choose **Endpoint security** > **Antivirus**. -3. Select an antivirus profile. (If you don't have one yet, you can haven't yet created a **Device restrictions** profile type, or if you want to create a new one, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure). +3. Select an antivirus profile. (If you don't have one yet, or if you want to create a new profile, see [Configure device restriction settings in Microsoft Intune](https://docs.microsoft.com/intune/device-restrictions-configure). -4. Select **Properties**. +4. Select **Properties**. Then, next to **Configuration settings**, choose **Edit**. -5. Next to **Configuration setting**, choose **Edit**. - -6. Expand **Cloud protection**, and then in the **Cloud-delivered protection level** list, select one of the following: +5. Expand **Cloud protection**, and then in the **Cloud-delivered protection level** list, select one of the following: 1. **High**: Applies a strong level of detection. 2. **High plus**: Uses the **High** level and applies additional protection measures (may impact client performance). 3. **Zero tolerance**: Blocks all unknown executables. -8. Choose **Review + save**, and then choose **Save**. +6. Choose **Review + save**, and then choose **Save**. -Need some help? See the following resources: -- [Configure Endpoint Protection](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection-configure) -- [Add endpoint protection settings in Intune](https://docs.microsoft.com/mem/intune/protect/endpoint-protection-configure) +> [!TIP] +> Need some help? 
See the following resources: +> - [Configure Endpoint Protection](https://docs.microsoft.com/mem/configmgr/protect/deploy-use/endpoint-protection-configure) +> - [Add endpoint protection settings in Intune](https://docs.microsoft.com/mem/intune/protect/endpoint-protection-configure) ## Use Group Policy to specify the level of cloud-delivered protection From ad0f0ee4f4d2f86bdcb7b94002d6536e113c1ecb Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 27 Oct 2020 08:27:00 -0700 Subject: [PATCH 18/21] Update preview.md removing MCAS as this is now GA --- .../threat-protection/microsoft-defender-atp/preview.md | 5 ----- 1 file changed, 5 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/preview.md b/windows/security/threat-protection/microsoft-defender-atp/preview.md index eca1e04388..5ed93079a0 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/preview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/preview.md @@ -68,11 +68,6 @@ Information protection is an integral part of Microsoft 365 Enterprise suite, pr >[!NOTE] >Partially available from Windows 10, version 1809. -- [Integration with Microsoft Cloud App Security](microsoft-cloud-app-security-integration.md)
Microsoft Cloud App Security leverages Microsoft Defender ATP endpoint signals to allow direct visibility into cloud application usage including the use of unsupported cloud services (shadow IT) from all Microsoft Defender ATP monitored devices. - - >[!NOTE] - >Available from Windows 10, version 1809 or later. - - [Onboard Windows Server 2019](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/configure-server-endpoints#windows-server-version-1803-and-windows-server-2019)
Microsoft Defender ATP now adds support for Windows Server 2019. You'll be able to onboard Windows Server 2019 in the same method available for Windows 10 client devices. From b8102c87a7e0b593e62b5884c09a2884874ef9a0 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 27 Oct 2020 08:49:16 -0700 Subject: [PATCH 19/21] Update kernel-dma-protection-for-thunderbolt.md update per MSFT eng team --- .../kernel-dma-protection-for-thunderbolt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md index 836d7916f5..8c5a881e03 100644 --- a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md +++ b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md 
@@ -95,7 +95,7 @@ Beginning with Windows 10 version 1809, you can use Security Center to check if - Reboot system into Windows 10. >[!NOTE] - > **Hyper-V - Virtualization Enabled in Firmware** is NOT shown when **A hypervisor has been detected. Features required for Hyper-V will not be displayed.** is shown because this means that **Hyper-V - Virtualization Enabled in Firmware** is YES and the **Hyper-V** Windows feature is enabled. Enabling both is needed to enable **Kernel DMA Protection** even when the firmware has the flag of "ACPI Kernel DMA Protection Indicators" described in [Kernel DMA Protection (Memory Access Protection) for OEMs](https://docs.microsoft.com/windows-hardware/design/device-experiences/oem-kernel-dma-protection). + > **Hyper-V - Virtualization Enabled in Firmware** is not available when **A hypervisor has been detected. Features required for Hyper-V will not be displayed.** is displayed. This means that **Hyper-V - Virtualization Enabled in Firmware** is set to Yes and the **Hyper-V** Windows feature is enabled. Enabling Hyper-V virtualization in Firmware (IOMMU) is required to enable **Kernel DMA Protection**, even when the firmware has the flag of "ACPI Kernel DMA Protection Indicators" described in [Kernel DMA Protection (Memory Access Protection) for OEMs](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-kernel-dma-protection). 4. If the state of **Kernel DMA Protection** remains Off, then the system does not support this feature. From bd1eb85397abfc8b85c98d522a8553dda5a8a370 Mon Sep 17 00:00:00 2001 From: Daniel Simpson Date: Tue, 27 Oct 2020 09:26:31 -0700 Subject: [PATCH 20/21] Update kernel-dma-protection-for-thunderbolt.md --- .../kernel-dma-protection-for-thunderbolt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md index 8c5a881e03..1e6bc6760a 100644 --- a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md +++ b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md @@ -95,7 +95,7 @@ Beginning with Windows 10 version 1809, you can use Security Center to check if - Reboot system into Windows 10. >[!NOTE] - > **Hyper-V - Virtualization Enabled in Firmware** is not available when **A hypervisor has been detected. Features required for Hyper-V will not be displayed.** is displayed. This means that **Hyper-V - Virtualization Enabled in Firmware** is set to Yes and the **Hyper-V** Windows feature is enabled. Enabling Hyper-V virtualization in Firmware (IOMMU) is required to enable **Kernel DMA Protection**, even when the firmware has the flag of "ACPI Kernel DMA Protection Indicators" described in [Kernel DMA Protection (Memory Access Protection) for OEMs](https://docs.microsoft.com/en-us/windows-hardware/design/device-experiences/oem-kernel-dma-protection). + > **Hyper-V - Virtualization Enabled in Firmware** is not available when **A hypervisor has been detected. Features required for Hyper-V will not be displayed.** is displayed. This means that **Hyper-V - Virtualization Enabled in Firmware** is set to Yes and the **Hyper-V** Windows feature is enabled. Enabling Hyper-V virtualization in Firmware (IOMMU) is required to enable **Kernel DMA Protection**, even when the firmware has the flag of "ACPI Kernel DMA Protection Indicators" described in [Kernel DMA Protection (Memory Access Protection) for OEMs](https://docs.microsoft.com/windows-hardware/design/device-experiences/oem-kernel-dma-protection). 4. If the state of **Kernel DMA Protection** remains Off, then the system does not support this feature. 
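Review bot: The NOTE text kept by this hunk states "Enabling Hyper-V virtualization in Firmware (IOMMU) is required to enable **Kernel DMA Protection**", but the wording it replaced in PATCH 19/21 said "Enabling both is needed", where "both" covered the firmware setting and the **Hyper-V** Windows feature. Confirm whether the Windows feature is still a prerequisite and, if so, name it explicitly, since admins rely on this note to work out why Kernel DMA Protection stays Off. Also, "is not available when ... is displayed" can be read as the capability being unavailable rather than the row being hidden; the earlier "is NOT shown" was less ambiguous.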
From 13af873e943631b4eaca30cc1ca3b905203f7c4a Mon Sep 17 00:00:00 2001 From: Jeff Borsecnik Date: Tue, 27 Oct 2020 09:56:26 -0700 Subject: [PATCH 21/21] fixed note formatting --- .../kernel-dma-protection-for-thunderbolt.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md index 1e6bc6760a..74e8c2d67c 100644 --- a/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md +++ b/windows/security/information-protection/kernel-dma-protection-for-thunderbolt.md 
@@ -95,7 +95,7 @@ Beginning with Windows 10 version 1809, you can use Security Center to check if - Reboot system into Windows 10. >[!NOTE] - > **Hyper-V - Virtualization Enabled in Firmware** is not available when **A hypervisor has been detected. Features required for Hyper-V will not be displayed.** is displayed. This means that **Hyper-V - Virtualization Enabled in Firmware** is set to Yes and the **Hyper-V** Windows feature is enabled. Enabling Hyper-V virtualization in Firmware (IOMMU) is required to enable **Kernel DMA Protection**, even when the firmware has the flag of "ACPI Kernel DMA Protection Indicators" described in [Kernel DMA Protection (Memory Access Protection) for OEMs](https://docs.microsoft.com/windows-hardware/design/device-experiences/oem-kernel-dma-protection). + > **Hyper-V - Virtualization Enabled in Firmware** is not available when **A hypervisor has been detected. Features required for Hyper-V will not be displayed.** is displayed. This means that **Hyper-V - Virtualization Enabled in Firmware** is set to Yes and the **Hyper-V** Windows feature is enabled. Enabling Hyper-V virtualization in Firmware (IOMMU) is required to enable **Kernel DMA Protection**, even when the firmware has the flag of "ACPI Kernel DMA Protection Indicators" described in [Kernel DMA Protection (Memory Access Protection) for OEMs](https://docs.microsoft.com/windows-hardware/design/device-experiences/oem-kernel-dma-protection). 4. If the state of **Kernel DMA Protection** remains Off, then the system does not support this feature.
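Review bot: The removed and added NOTE lines in PATCH 21/21 read identically here, so the fix is presumably whitespace only, while the ">[!NOTE]" marker line above them stays as unchanged context. If the intent is for the note to render inside the numbered list, the marker line and the body line need the same indentation and ">" prefix; please check the marker line as well and mention the whitespace nature of the change in the commit message.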
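Review bot: In configure-windows-diagnostic-data-in-your-organization.md, hunk @@ -60,8 +62,11, the first two bullets name the same component two ways: "Connected User Experiences and Telemetry component" and "Connected User Experience and Telemetry component". Since the hunk already reflows this list, use one spelling in both bullets.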
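Review bot: In configure-windows-diagnostic-data-in-your-organization.md, hunk @@ -155,9 +160,13, the note carried as context directly above the edited list ends with a fragment: "... **Diagnostic data off**, **Required**, and **Optional**. making changes to the enhanced diagnostic data level." The sentence has lost its subject. As this change already touches the Enhanced section, complete or remove the fragment here so the statement about moving from four controls to three reads cleanly.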
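Review bot: Step 3 of the new Microsoft Endpoint Manager procedure in PATCH 16/21 (hunk @@ -32,51 +32,57) is a broken merge of old and new wording, "(If you don't have one yet, you can haven't yet created a **Device restrictions** profile type, ...", and its parenthesis never closes. The same hunk numbers the final step 8 directly after step 6, and it renames the level to **High plus** in the Endpoint Manager list while the Group Policy list and its WARNING keep **High +**; use one label in both procedures so admins can map the settings between tools. The context line "**Moderate blocking level** provides moderate only for high confidence detections" is also missing a noun and a period, and the new step 7 ends without a period after the link.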
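Review bot: In PATCH 17/21 (hunk @@ -38,23 +38,22), the rewritten step 3 still opens a parenthesis that is never closed: "(If you don't have one yet, or if you want to create a new profile, see [Configure device restriction settings in Microsoft Intune](...).". The link also still points at the device-restrictions article although step 2 now sends the reader to **Endpoint security** > **Antivirus**, so the reader lands on instructions for a different profile type. Close the parenthesis and link to guidance for creating an antivirus profile.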
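Review bot: The preview.md hunk in PATCH 18/21 (@@ -68,11 +68,6) only deletes the Microsoft Cloud App Security entry, including its note "Available from Windows 10, version 1809 or later." The commit message gives GA as the reason, so please confirm that the generally available feature documentation carries this entry and its version requirement; otherwise the minimum-version information disappears with this change. Check too that the ">[!NOTE]" left as context above the removed lines ("Partially available from Windows 10, version 1809.") still sits directly under the item it describes.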