From 836f00270575fd48c914aff89f8d7da6705ee9a9 Mon Sep 17 00:00:00 2001 From: Reece Peacock <49645174+Reeced40@users.noreply.github.com> Date: Thu, 15 Oct 2020 11:09:03 +0200 Subject: [PATCH 1/8] Update exploit-protection.md Added link --- .../microsoft-defender-atp/exploit-protection.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md index e4174dddea..fcd55deef2 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md @@ -136,3 +136,4 @@ The table in this section indicates the availability and support of native mitig - [Configure and audit exploit protection mitigations](customize-exploit-protection.md) - [Import, export, and deploy exploit protection configurations](import-export-exploit-protection-emet-xml.md) - [Troubleshoot exploit protection](troubleshoot-exploit-protection-mitigations.md) +- [Optimize ASR rule deployment and detections](threat-protection/microsoft-defender-atp/configure-machines-asr.md) From 3629c5cb32112a858b278455c6f8fc736ca1cbec Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Fri, 16 Oct 2020 10:57:23 +0500 Subject: [PATCH 2/8] Addition of release version Updated Windows defender release info for Windows 10 v2004 Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/8232 --- .../manage-updates-baselines-microsoft-defender-antivirus.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md index d352e882bd..2ddb595a1a 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md @@ -319,6 +319,7 @@ The below table provides the Microsoft Defender Antivirus platform and engine ve |Windows 10 release |Platform version |Engine version |Support phase | |-|-|-|-| +|2004 (20H1) |4.18.2004.6 |1.1.17000.2 | Technical upgrade Support (Only) | |1909 (19H2) |4.18.1902.5 |1.1.16700.3 | Technical upgrade Support (Only) | |1903 (19H1) |4.18.1902.5 |1.1.15600.4 | Technical upgrade Support (Only) | |1809 (RS5) |4.18.1807.18075 |1.1.15000.2 | Technical upgrade Support (Only) | From a7aeb696990ab838addd6e0feec8410d0a259ce7 Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Fri, 16 Oct 2020 22:13:18 +0500 Subject: [PATCH 3/8] Added Server 2019 This is already supported in Windows Server 2019 and it was missing in the applied to the section. Added this. Problem: https://github.com/MicrosoftDocs/windows-itpro-docs/issues/8205 --- .../windows-firewall/windows-firewall-with-advanced-security.md | 1 + 1 file changed, 1 insertion(+) diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md index 9718aa85cf..dcaa6efae5 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md @@ -22,6 +22,7 @@ ms.custom: asr **Applies to** - Windows 10 - Windows Server 2016 +- Windows Server 2019 This is an overview of the Windows Defender Firewall with Advanced Security (WFAS) and Internet Protocol security (IPsec) features. From 3d423fb5480beef976597672b1ced7e55fd6050e Mon Sep 17 00:00:00 2001 From: ImranHabib <47118050+joinimran@users.noreply.github.com> Date: Sat, 17 Oct 2020 09:06:41 +0500 Subject: [PATCH 4/8] Update windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md Co-authored-by: Trond B. Krokli <38162891+illfated@users.noreply.github.com> --- .../windows-firewall-with-advanced-security.md | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md index dcaa6efae5..8a0b17a719 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md @@ -20,9 +20,9 @@ ms.custom: asr # Windows Defender Firewall with Advanced Security **Applies to** -- Windows 10 -- Windows Server 2016 -- Windows Server 2019 +- Windows 10 +- Windows Server 2016 +- Windows Server 2019 This is an overview of the Windows Defender Firewall with Advanced Security (WFAS) and Internet Protocol security (IPsec) features. @@ -49,4 +49,3 @@ To help address your organizational network security challenges, Windows Defende - **Extends the value of existing investments.**  Because Windows Defender Firewall is a host-based firewall that is included with the operating system, there is no additional hardware or software required. Windows Defender Firewall is also designed to complement existing non-Microsoft network security solutions through a documented application programming interface (API). - From 27cff86ad437310bb3016e6763761b0c81341b6f Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 21 Oct 2020 11:39:02 -0700 Subject: [PATCH 5/8] Update windows-firewall-with-advanced-security.md --- .../windows-firewall/windows-firewall-with-advanced-security.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md index 8a0b17a719..00b1374150 100644 --- a/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md +++ b/windows/security/threat-protection/windows-firewall/windows-firewall-with-advanced-security.md @@ -12,7 +12,7 @@ manager: dansimp audience: ITPro ms.collection: M365-security-compliance ms.topic: conceptual -ms.date: 10/13/2017 +ms.date: 10/21/2020 ms.reviewer: ms.custom: asr --- From 8f83290f03714a0103d3f88beb16a763371f4991 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 21 Oct 2020 11:41:49 -0700 Subject: [PATCH 6/8] Update exploit-protection.md --- .../microsoft-defender-atp/exploit-protection.md | 9 +++------ 1 file changed, 3 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md index fcd55deef2..7ba2b8b2d1 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md @@ -11,7 +11,7 @@ ms.localizationpriority: medium audience: ITPro author: denisebmsft ms.author: deniseb -ms.date: 04/02/2019 +ms.date: 10/21/2020 ms.reviewer: manager: dansimp ms.custom: asr @@ -65,7 +65,7 @@ DeviceEvents You can review the Windows event log to see events that are created when exploit protection blocks (or audits) an app: |Provider/source | Event ID | Description| -|---|---|---| +|:---|:---|:---| |Security-Mitigations | 1 | ACG audit | |Security-Mitigations | 2 | ACG enforce | |Security-Mitigations | 3 | Do not allow child processes audit | @@ -100,7 +100,7 @@ The mitigations available in EMET are included natively in Windows 10 (starting The table in this section indicates the availability and support of native mitigations between EMET and exploit protection. |Mitigation | Available under exploit protection | Available in EMET | -|---|---|---| +|:---|:---|:---| |Arbitrary code guard (ACG) | yes | yes
As "Memory Protection Check" | |Block remote images | yes | yes
As "Load Library Check" | |Block untrusted fonts | yes | yes | @@ -131,9 +131,6 @@ The table in this section indicates the availability and support of native mitig ## See also - [Protect devices from exploits](exploit-protection.md) -- [Evaluate exploit protection](evaluate-exploit-protection.md) -- [Enable exploit protection](enable-exploit-protection.md) - [Configure and audit exploit protection mitigations](customize-exploit-protection.md) -- [Import, export, and deploy exploit protection configurations](import-export-exploit-protection-emet-xml.md) - [Troubleshoot exploit protection](troubleshoot-exploit-protection-mitigations.md) - [Optimize ASR rule deployment and detections](threat-protection/microsoft-defender-atp/configure-machines-asr.md) From e41ca707ce43195983823bcf849b1d0d090c95f2 Mon Sep 17 00:00:00 2001 From: Denise Vangel-MSFT Date: Wed, 21 Oct 2020 11:43:47 -0700 Subject: [PATCH 7/8] Update manage-updates-baselines-microsoft-defender-antivirus.md --- .../manage-updates-baselines-microsoft-defender-antivirus.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md index 2ddb595a1a..2b26a44de5 100644 --- a/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md +++ b/windows/security/threat-protection/microsoft-defender-antivirus/manage-updates-baselines-microsoft-defender-antivirus.md @@ -13,7 +13,7 @@ ms.author: deniseb ms.custom: nextgen ms.reviewer: manager: dansimp -ms.date: 10/08/2020 +ms.date: 10/21/2020 --- # Manage Microsoft Defender Antivirus updates and apply baselines From 1d7e0b17e1e0b680dd577d9eedae2e4dc7fc71e0 Mon Sep 17 00:00:00 2001 From: Gary Moore Date: Wed, 21 Oct 2020 13:41:30 -0700 Subject: [PATCH 8/8] Correcting path in a link This (should) fix the issue created by commit https://github.com/MicrosoftDocs/windows-docs-pr/pull/4048/commits/836f00270575fd48c914aff89f8d7da6705ee9a9 --- .../microsoft-defender-atp/exploit-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md index dd69f3115f..f9bb51fa10 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md +++ b/windows/security/threat-protection/microsoft-defender-atp/exploit-protection.md @@ -133,4 +133,4 @@ The table in this section indicates the availability and support of native mitig - [Protect devices from exploits](exploit-protection.md) - [Configure and audit exploit protection mitigations](customize-exploit-protection.md) - [Troubleshoot exploit protection](troubleshoot-exploit-protection-mitigations.md) -- [Optimize ASR rule deployment and detections](threat-protection/microsoft-defender-atp/configure-machines-asr.md) +- [Optimize ASR rule deployment and detections](configure-machines-asr.md)