diff --git a/browsers/edge/emie-to-improve-compatibility.md b/browsers/edge/emie-to-improve-compatibility.md index cffe549908..fc8a612b80 100644 --- a/browsers/edge/emie-to-improve-compatibility.md +++ b/browsers/edge/emie-to-improve-compatibility.md @@ -1,14 +1,15 @@ --- description: If you're having problems with Microsoft Edge, this topic tells how to use the Enterprise Mode site list to automatically open sites using IE11. ms.assetid: 89c75f7e-35ca-4ca8-96fa-b3b498b53bE4 -author: eross-msft +author: shortpatti +ms.author: pashort ms.prod: edge ms.mktglfcycl: support ms.sitesec: library ms.pagetype: appcompat title: Use Enterprise Mode to improve compatibility (Microsoft Edge for IT Pros) ms.localizationpriority: high -ms.date: 07/27/2017 +ms.date: 04/15/2018 --- # Use Enterprise Mode to improve compatibility @@ -19,8 +20,6 @@ If you have specific web sites and apps that you know have compatibility problem Using Enterprise Mode means that you can continue to use Microsoft Edge as your default browser, while also ensuring that your apps continue working on IE11. - -[@Reviewer: will RS5 have the need for the following note?] >[!NOTE] >If you want to use Group Policy to set Internet Explorer as your default browser, you can find the info here, [Set the default browser using Group Policy]( https://go.microsoft.com/fwlink/p/?LinkId=620714). diff --git a/browsers/internet-explorer/ie11-deploy-guide/enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md b/browsers/internet-explorer/ie11-deploy-guide/enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md index 8650b4702c..a607034785 100644 --- a/browsers/internet-explorer/ie11-deploy-guide/enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md +++ b/browsers/internet-explorer/ie11-deploy-guide/enable-and-disable-add-ons-using-administrative-templates-and-group-policy.md @@ -3,19 +3,20 @@ ms.localizationpriority: low ms.mktglfcycl: deploy ms.pagetype: security description: Enable and disable add-ons using administrative templates and group policy -author: eross-msft +ms.author: pashort +author: shortpatti ms.prod: ie11 ms.assetid: c6fe1cd3-0bfc-4d23-8016-c9601f674c0b title: Enable and disable add-ons using administrative templates and group policy (Internet Explorer 11 for IT Pros) ms.sitesec: library -ms.date: 07/27/2017 +ms.date: 4/12/2018 --- # Enable and disable add-ons using administrative templates and group policy Add-ons let your employees personalize Internet Explorer. You can manage IE add-ons using Group Policy and Group Policy templates. -There are 4 types of add-ons: +There are four types of add-ons: - **Search Providers.** Type a term and see suggestions provided by your search provider. @@ -57,7 +58,7 @@ You can use the Local Group Policy Editor to change how add-ons work in your org 5. Close the Local Group Policy Editor when you’re done. ## Using the CLSID and Administrative Templates to manage group policy objects -Because every add-on has a Class ID (CLSID), you can use it to enable and disable specific add-ons, using Group Policy and Administrative Templates. +Every add-on has a Class ID (CLSID) that you use to enable and disable specific add-ons, using Group Policy and Administrative Templates. **To manage add-ons** @@ -65,22 +66,30 @@ Because every add-on has a Class ID (CLSID), you can use it to enable and disabl 1. Open IE, click **Tools**, and then click **Manage Add-ons**. - 2. Pick the add-on you want to change, and then right-click **More Information**. - - 3. Click **Copy** and then close **Manage Add-ons** and IE. + 2. Double-click the add-on you want to change. + 3. In the More Information dialog, click **Copy** and then click **Close**. + + 4. Open Notepad and paste the information for the add-on. + + 5. On the Manage Add-ons windows, click **Close**. + + 6. On the Internet Options dialog, click **Close** and then close IE. + 2. From the copied information, select and copy just the **Class ID** value. -3. Open the Group Policy Management Editor and go to `Computer Configuration\Policies\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management`. + >[!NOTE] + >You want to copy the curly brackets as well as the CLSID: **{47833539-D0C5-4125-9FA8-0819E2EAAC93}**. + +3. Open the Group Policy Management Editor and go to: Computer Configuration\Policies\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management.
**-OR-**
-Open the Local Group Policy Editor and go to `Computer Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management`. +Open the Local Group Policy Editor and go to: User Configuration\Administrative Templates\Windows Components\Internet Explorer\Security Features\Add-on Management. -4. Open the **Add-on List** Group Policy Object, pick **Enabled**, and then click **Show**.
-**Show Contents** box appears. +4. Open the **Add-on List** Group Policy Object, select **Enabled**, and then click **Show**.
The Show Contents dialog appears. -5. In **Value Name**, put your copied Class ID. +6. In **Value Name**, paste the Class ID for your add-on, for example, **{47833539-D0C5-4125-9FA8-0819E2EAAC93}**. -6. In **Value**, put: +6. In **Value**, enter one of the following: - **0**. The add-on is disabled and your employees can’t change it. @@ -88,11 +97,12 @@ Open the Local Group Policy Editor and go to `Computer Configuration\Administrat - **2**. The add-on is enabled and your employees can change it. -7. Click **OK** and close the Group Policy editor. - -  - -  +7. Close the Show Contents dialog. +7. In the Group Policy editor, go to: Computer Configuration\Administrative Templates\Windows Components\Internet Explorer. +8. Double-click **Automatically activate/enable newly installed add-ons** and select **Enabled**.

Enabling turns off the message prompting you to Enable or Don't enable the add-on. +7. Click **OK** twice to close the Group Policy editor. + + \ No newline at end of file diff --git a/mdop/mbam-v25/upgrading-to-mbam-25-or-mbam-25-sp1-from-previous-versions.md b/mdop/mbam-v25/upgrading-to-mbam-25-or-mbam-25-sp1-from-previous-versions.md index 7bb09bf7a9..52ef3ff163 100644 --- a/mdop/mbam-v25/upgrading-to-mbam-25-or-mbam-25-sp1-from-previous-versions.md +++ b/mdop/mbam-v25/upgrading-to-mbam-25-or-mbam-25-sp1-from-previous-versions.md @@ -130,7 +130,7 @@ Use the steps in the following sections to upgrade MBAM for the Stand-alone topo 6. Install and configure the MBAM 2.5 or 2.5 SP1 databases, reports, web applications, and Configuration Manager integration, in that order. The databases and Configuration Manager objects are upgraded in place. -7. Optionally, update the Group Policy Objects (GPOs), and edit the settings if you want to implement new features in MBAM, such as enforced encryption. If you do not update the GPOs, MBAM will continue to report against your current GPOs. See [How to Get MDOP Group Policy (.admx) Templates](http://www.microsoft.com/download/details.aspx?id=41183) to download the latest ADMX templates. +7. Optionally, update the Group Policy Objects (GPOs), and edit the settings if you want to implement new features in MBAM, such as enforced encryption. If you do not update the GPOs, MBAM will continue to report against your current GPOs. See [How to Get MDOP Group Policy (.admx) Templates](https://docs.microsoft.com/en-us/microsoft-desktop-optimization-pack/solutions/how-to-download-and-deploy-mdop-group-policy--admx--templates) to download the latest ADMX templates. After you upgrade the MBAM Server infrastructure, the existing client computers continue to successfully report to the MBAM 2.5 or 2.5 SP1 Server, and recovery data continues to be stored. diff --git a/windows/configuration/lock-down-windows-10-to-specific-apps.md b/windows/configuration/lock-down-windows-10-to-specific-apps.md index 94ac63a7a7..ef5ecb4d6b 100644 --- a/windows/configuration/lock-down-windows-10-to-specific-apps.md +++ b/windows/configuration/lock-down-windows-10-to-specific-apps.md @@ -18,7 +18,7 @@ ms.author: jdecker **Applies to** -- Windows 10 +- Windows 10 Pro, Enterprise, and Education A [kiosk device](set-up-a-kiosk-for-windows-10-for-desktop-editions.md) typically runs a single app, and users are prevented from accessing any features or functions on the device outside of the kiosk app. In Windows 10, version 1709, the [AssignedAccess configuration service provider (CSP)](https://docs.microsoft.com/windows/client-management/mdm/assignedaccess-csp) has been expanded to make it easy for administrators to create kiosks that run more than one app. diff --git a/windows/configuration/setup-kiosk-digital-signage.md b/windows/configuration/setup-kiosk-digital-signage.md index c9b84f0646..f8b3502b6d 100644 --- a/windows/configuration/setup-kiosk-digital-signage.md +++ b/windows/configuration/setup-kiosk-digital-signage.md @@ -16,7 +16,7 @@ ms.date: 03/30/2018 **Applies to** -- Windows 10 +- Windows 10 Pro, Enterprise, and Education diff --git a/windows/deployment/TOC.md b/windows/deployment/TOC.md index 81fe4b5d61..b0f27ea80e 100644 --- a/windows/deployment/TOC.md +++ b/windows/deployment/TOC.md @@ -238,6 +238,7 @@ ### [Change history for Update Windows 10](update/change-history-for-update-windows-10.md) ## [Windows Analytics](update/windows-analytics-overview.md) +### [Windows Analytics and privacy](update/windows-analytics-privacy.md) ### [Manage Windows upgrades with Upgrade Readiness](upgrade/manage-windows-upgrades-with-upgrade-readiness.md) #### [Upgrade Readiness architecture](upgrade/upgrade-readiness-architecture.md) #### [Upgrade Readiness requirements](upgrade/upgrade-readiness-requirements.md) diff --git a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md index 31159b1808..0b01d6d615 100644 --- a/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md +++ b/windows/deployment/update/windows-analytics-FAQ-troubleshooting.md @@ -8,7 +8,7 @@ ms.sitesec: library ms.pagetype: deploy author: jaimeo ms.author: jaimeo -ms.date: 04/03/2018 +ms.date: 04/05/2018 --- # Frequently asked questions and troubleshooting Windows Analytics @@ -219,46 +219,6 @@ Beyond the cost of Windows operating system licenses, there is no additional cos Note that different Azure Log Analytics plans have different data retention periods, and the Windows Analytics solutions inherit the workspace's data retention policy. So, for example, if your workspace is on the free plan then Windows Analytics will retain the last week's worth of "daily snapshots" that are collected in the workspace. -### How does Windows Analytics support privacy? - -Windows Analytics is fully committed to privacy, centering on these tenets: - -- **Transparency:** We fully document the Windows Analytics diagnostic events (see the links for additional information) so you can review them with your company’s security and compliance teams. The Diagnostic Data Viewer lets you see diagnostic data sent from a given device (see [Diagnostic Data Viewer Overview](https://docs.microsoft.com/windows/configuration/diagnostic-data-viewer-overview) for details). -- **Control:** You ultimately control the level of diagnostic data you wish to share. In Windows 10 1709 we added a new policy to Limit enhanced diagnostic data to the minimum required by Windows Analytics -- **Security:** Your data is protected with strong security and encryption -- **Trust:** Windows Analytics supports the Microsoft Online Service Terms - -The following illustration shows how diagnostic data flows from individual devices through the Diagnostic Data Service, Azure Log Analytics storage, and to your Log Analytics workspace: - -[![Diagram illustrating flow of diagnostic data from devices](images/WA-data-flow-v1.png)](images/WA-data-flow-v1.png) - -The data flow sequence is as follows: - -1. Diagnostic data is sent from devices to the Microsoft Diagnostic Data Management service, which is hosted in the US. -2. An IT administrator creates an Azure Log Analytics workspace. The administrator chooses the location, copies the Commercial ID (which identifies that workspace), and then pushes Commercial ID to devices they want to monitor. This is the mechanism that specifies which devices appear in which workspaces. -3. Each day Microsoft produces a "snapshot" of IT-focused insights for each workspace in the Diagnostic Data Management service. -4. These snapshots are copied to transient storage which is used only by Windows Analytics (also hosted in US data centers) where they are segregated by Commercial ID. -5. The snapshots are then copied to the appropriate Azure Log Analytics workspace. -6. If the IT administrator is using the Upgrade Readiness solution, user input from the IT administrator (specifically, the target operating system release and the importance and upgrade readiness per app) is stored in the Windows Analytics Azure Storage. (Upgrade Readiness is the only Windows Analytics solution that takes such user input.) - - -See these topics for additional background information about related privacy issues: - -- [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization) -- [Windows 7, Windows 8, and Windows 8.1 Appraiser Telemetry Events, and Fields](https://go.microsoft.com/fwlink/?LinkID=822965) (link downloads a PDF file) -- [Windows 10, version 1703 basic level Windows diagnostic events and fields](https://docs.microsoft.com/windows/configuration/basic-level-windows-diagnostic-events-and-fields-1703) -- [Windows 10, version 1709 enhanced diagnostic data events and fields used by Windows Analytics](https://docs.microsoft.com/windows/configuration/enhanced-diagnostic-data-windows-analytics-events-and-fields) -- [Diagnostic Data Viewer Overview](https://docs.microsoft.com/windows/configuration/diagnostic-data-viewer-overview) -- [Licensing Terms and Documentation](https://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=31) -- [Learn about security and privacy at Microsoft datacenters](http://www.microsoft.com/datacenters) -- [Confidence in the trusted cloud](https://azure.microsoft.com/en-us/support/trust-center/) - -### Can Windows Analytics be used without a direct client connection to the Microsoft Data Management Service? -No, the entire service is powered by Windows diagnostic data, which requires that devices have this direct connectivity. - -### Can I choose the data center location? -Yes for Azure Log Analytics, but no for the Microsoft Data Management Service (which is hosted in the US). - ### Why do SCCM and Upgrade Readiness show different counts of devices that are ready to upgrade? System Center Configuration Manager (SCCM) considers a device ready to upgrade if *no installed app* has an upgrade decision of “not ready” (that is, they are all "ready" or "in progress"), while Upgrade Readiness considers a device ready to upgrade only if *all* installed apps are marked “ready”.   diff --git a/windows/deployment/update/windows-analytics-privacy.md b/windows/deployment/update/windows-analytics-privacy.md new file mode 100644 index 0000000000..89e9d3bc49 --- /dev/null +++ b/windows/deployment/update/windows-analytics-privacy.md @@ -0,0 +1,52 @@ +--- +title: Windows Analytics and privacy +description: How Windows Analytics uses data +keywords: windows analytics, oms, privacy, data, diagnostic, operations management suite, prerequisites, requirements, updates, upgrades, log analytics, health, FAQ, problems, troubleshooting, error +ms.prod: w10 +ms.mktglfcycl: deploy +ms.sitesec: library +ms.pagetype: deploy +author: jaimeo +ms.author: jaimeo +ms.date: 04/05/2018 +--- + +# Windows Analytics and privacy + +Windows Analytics is fully committed to privacy, centering on these tenets: + +- **Transparency:** We fully document the Windows Analytics diagnostic events (see the links for additional information) so you can review them with your company’s security and compliance teams. The Diagnostic Data Viewer lets you see diagnostic data sent from a given device (see [Diagnostic Data Viewer Overview](https://docs.microsoft.com/windows/configuration/diagnostic-data-viewer-overview) for details). +- **Control:** You ultimately control the level of diagnostic data you wish to share. In Windows 10 1709 we added a new policy to Limit enhanced diagnostic data to the minimum required by Windows Analytics +- **Security:** Your data is protected with strong security and encryption +- **Trust:** Windows Analytics supports the Microsoft Online Service Terms + +The following illustration shows how diagnostic data flows from individual devices through the Diagnostic Data Service, Azure Log Analytics storage, and to your Log Analytics workspace: + +[![Diagram illustrating flow of diagnostic data from devices](images/WA-data-flow-v1.png)](images/WA-data-flow-v1.png) + +The data flow sequence is as follows: + +1. Diagnostic data is sent from devices to the Microsoft Diagnostic Data Management service, which is hosted in the US. +2. An IT administrator creates an Azure Log Analytics workspace. The administrator chooses the location, copies the Commercial ID (which identifies that workspace), and then pushes Commercial ID to devices they want to monitor. This is the mechanism that specifies which devices appear in which workspaces. +3. Each day Microsoft produces a "snapshot" of IT-focused insights for each workspace in the Diagnostic Data Management service. +4. These snapshots are copied to transient storage which is used only by Windows Analytics (also hosted in US data centers) where they are segregated by Commercial ID. +5. The snapshots are then copied to the appropriate Azure Log Analytics workspace. +6. If the IT administrator is using the Upgrade Readiness solution, user input from the IT administrator (specifically, the target operating system release and the importance and upgrade readiness per app) is stored in the Windows Analytics Azure Storage. (Upgrade Readiness is the only Windows Analytics solution that takes such user input.) + + +See these topics for additional background information about related privacy issues: + +- [Configure Windows diagnostic data in your organization](https://docs.microsoft.com/windows/configuration/configure-windows-diagnostic-data-in-your-organization) +- [Windows 7, Windows 8, and Windows 8.1 Appraiser Telemetry Events, and Fields](https://go.microsoft.com/fwlink/?LinkID=822965) (link downloads a PDF file) +- [Windows 10, version 1703 basic level Windows diagnostic events and fields](https://docs.microsoft.com/windows/configuration/basic-level-windows-diagnostic-events-and-fields-1703) +- [Windows 10, version 1709 enhanced diagnostic data events and fields used by Windows Analytics](https://docs.microsoft.com/windows/configuration/enhanced-diagnostic-data-windows-analytics-events-and-fields) +- [Diagnostic Data Viewer Overview](https://docs.microsoft.com/windows/configuration/diagnostic-data-viewer-overview) +- [Licensing Terms and Documentation](https://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=31) +- [Learn about security and privacy at Microsoft datacenters](http://www.microsoft.com/datacenters) +- [Confidence in the trusted cloud](https://azure.microsoft.com/en-us/support/trust-center/) + +### Can Windows Analytics be used without a direct client connection to the Microsoft Data Management Service? +No, the entire service is powered by Windows diagnostic data, which requires that devices have this direct connectivity. + +### Can I choose the data center location? +Yes for Azure Log Analytics, but no for the Microsoft Data Management Service (which is hosted in the US). diff --git a/windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control.md b/windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control.md index 3cdfa39794..dc3ee14438 100644 --- a/windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control.md +++ b/windows/security/threat-protection/device-guard/steps-to-deploy-windows-defender-application-control.md @@ -119,62 +119,63 @@ Microsoft recommends that you block the following Microsoft-signed applications - - - - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + @@ -400,56 +401,56 @@ Microsoft recommends that you block the following Microsoft-signed applications - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + - - + + @@ -458,7 +459,7 @@ Microsoft recommends that you block the following Microsoft-signed applications - + @@ -468,21 +469,21 @@ Microsoft recommends that you block the following Microsoft-signed applications - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + @@ -493,32 +494,721 @@ Microsoft recommends that you block the following Microsoft-signed applications - - - - - - - - - - - - - - - - - - - - - - - - - - + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + 0 + + + 10.0.0.0 + {A244370E-44C9-4C06-B551-F6016E563076} + {2E07F7E4-194C-4D20-B7C9-6F44A6C5A234} + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md index fec3ab9056..64d10e48a1 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/utilize-microsoft-cloud-protection-windows-defender-antivirus.md @@ -9,9 +9,9 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: iaanw -ms.author: iawilt -ms.date: 11/20/2017 +author: andreabichsel +ms.author: v-anbic +ms.date: 04/17/2018 --- # Utilize Microsoft cloud-delivered protection in Windows Defender Antivirus @@ -24,20 +24,34 @@ ms.date: 11/20/2017 - Enterprise security administrators -Cloud-delivered protection for Windows Defender Antivirus, also referred to as Microsoft Advanced Protection Service (MAPS), provides you with strong, fast protection in addition to our standard real-time protection. +Microsoft next-gen technologies in Windows Defender Antivirus provide near-instant, automated protection against new and emerging threats. To dynamically identify new threats, these technologies work with large sets of interconnected data in the Microsoft Intelligent Security Graph and powerful artificial intelligence (AI) systems driven by advanced machine learning models. +To take advantage of the power and speed of these next-gen technologies, Windows Defender Antivirus works seamlessly with Microsoft cloud services. These cloud protection services, also referred to as Microsoft Advanced Protection Service (MAPS), enhances standard real-time protection, providing arguably the best antivirus defense. >[!NOTE] >The Windows Defender Antivirus cloud service is a mechanism for delivering updated protection to your network and endpoints. Although it is called a cloud service, it is not simply protection for files stored in the cloud, rather it uses distributed resources and machine learning to deliver protection to your endpoints at a rate that is far faster than traditional signature updates. -Enabling cloud-delivered protection helps detect and block new malware - even if the malware has never been seen before - without needing to wait for a traditionally delivered definition update to block it. Definition updates can take hours to prepare and deliver, while our cloud service can deliver updated protection in seconds. - -The following video describes how it works: +With cloud-delivered protection, next-gen technologies provide rapid identification of new threats, sometimes even before a single machine is infected. Watch the following video about Microsoft AI and Windows Defender Antivirus in action: + + +To understand how next-gen technologies shorten protection delivery time through the cloud, watch the following video: + +Read the following blogposts for detailed protection stories involving cloud-protection and Microsoft AI: + +- [Why Windows Defender Antivirus is the most deployed in the enterprise](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise/) +- [Behavior monitoring combined with machine learning spoils a massive Dofoil coin mining campaign](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/) +- [How artificial intelligence stopped an Emotet outbreak](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak/) +- [Detonating a bad rabbit: Windows Defender Antivirus and layered machine learning defenses](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses/) +- [Windows Defender Antivirus cloud protection service: Advanced real-time defense against never-before-seen malware](https://cloudblogs.microsoft.com/microsoftsecure/2017/07/18/windows-defender-antivirus-cloud-protection-service-advanced-real-time-defense-against-never-before-seen-malware/) + +## Get cloud-delivered protection + Cloud-delivered protection is enabled by default, however you may need to re-enable it if it has been disabled as part of previous organizational policies. >[!TIP] diff --git a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md index c2a9edb814..3a8432cbaf 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md +++ b/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10.md @@ -9,9 +9,9 @@ ms.mktglfcycl: manage ms.sitesec: library ms.pagetype: security ms.localizationpriority: medium -author: iaanw -ms.author: iawilt -ms.date: 11/20/2017 +author: andreabichsel +ms.author: v-anbic +ms.date: 04/17/2018 --- # Windows Defender Antivirus in Windows 10 and Windows Server 2016 @@ -38,7 +38,7 @@ It can be configured with: - Group Policy Some of the highlights of Windows Defender AV include: -- [Cloud-delivered protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for near-instant detection and blocking of new and emerging threats +- [Cloud-delivered protection](utilize-microsoft-cloud-protection-windows-defender-antivirus.md) for near-instant detection and blocking of new and emerging threats. Along with machine learning and the Intelligent Security Graph, cloud-delivered protection is part of the next-gen technologies that power Windows Defender Antivirus. - [Always-on scanning](configure-real-time-protection-windows-defender-antivirus.md), using advanced file and process behavior monitoring and other heuristics (also known as "real-time protection") - [Dedicated protection updates](manage-updates-baselines-windows-defender-antivirus.md) based on machine-learning, human and automated big-data analysis, and in-depth threat resistance research