From 3ba6e65b92bc3abb626284ad0706aae831e7aa39 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Fri, 17 Aug 2018 16:30:01 -0700 Subject: [PATCH 01/20] added av reports --- .../threat-protection/intelligence/TOC.md | 2 + .../intelligence/transparency-report.md | 90 +++++++++++++++++++ 2 files changed, 92 insertions(+) create mode 100644 windows/security/threat-protection/intelligence/transparency-report.md diff --git a/windows/security/threat-protection/intelligence/TOC.md b/windows/security/threat-protection/intelligence/TOC.md index 73449a6a2c..86d4f40296 100644 --- a/windows/security/threat-protection/intelligence/TOC.md +++ b/windows/security/threat-protection/intelligence/TOC.md @@ -34,6 +34,8 @@ ## [Safety Scanner download](safety-scanner-download.md) +## [Industry antivirus tests](transparency-report.md) + ## [Industry collaboration programs](cybersecurity-industry-partners.md) ### [Virus information alliance](virus-information-alliance-criteria.md) diff --git a/windows/security/threat-protection/intelligence/transparency-report.md b/windows/security/threat-protection/intelligence/transparency-report.md new file mode 100644 index 0000000000..c3f5d23e0c --- /dev/null +++ b/windows/security/threat-protection/intelligence/transparency-report.md @@ -0,0 +1,90 @@ +--- +title: Industry antivirus tests +description: Industry antivirus tests landing page +keywords: security, malware +ms.prod: w10 +ms.mktglfcycl: secure +ms.sitesec: library +ms.localizationpriority: medium +ms.author: ellevin +author: levinec +ms.date: 08/17/2018 +--- + +# Top scoring in industry antivirus tests + +[Antivirus capabilities](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10?ocid=cx-blog-mmpc) in Windows Defender Advanced Threat Protection ([Windows Defender ATP](https://www.microsoft.com/windowsforbusiness/windows-atp?ocid=cx-blog-mmpc)) **consistently achieve high scores** from independent tests, displaying how Windows Defender ATP is a top choice in the antivirus market. + +We want to be transparent and have gathered top industry reports that demonstrate our enterprise antivirus capabilities. Note that these tests only provide results for antivirus and do not test for additional security protections. + +In the real world, millions of devices are protected from cyberattacks every day, sometimes [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/). In many cases, customers might not even know they were protected. That's because Windows Defender ATP's [next generation protection](https://www.youtube.com/watch?v=Xy3MOxkX_o4) detects and stops malware at first sight by using predictive technologies, [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering/), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak/), behavioral analysis, and other advanced technologies. + +Learn why [most enterprises use the antivirus capabilities in Windows Defender ATP](https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10). + +



+![Logo](./images/av-test-logo.png) + +## AV-TEST: Perfect protection score of 6.0/6.0 in the latest test + +The AV-TEST Product Review and Certification Report tests on three categories: protection, performance, and usability. The scores listed below are for the protection category which has two scores: real world testing and the AV-TEST reference set (known as "prevalent malware"). + +**Real-World testing** as defined by AV-TEST refers to protection against zero-day malware attacks, inclusive of web and email threats. + +**Prevalent malware** as defined by AV-TEST refers to detection of widespread and prevalent malware discovered in the last four weeks. + +Note: Microsoft sees a wider and broader set of threats beyond just what’s tested in the AV-TEST evaluation. + +The below scores are the results of AV-TEST's evaluations on **Windows Defender ATP antivirus capabilities**. + +|Month (2018)|Real-World test score| Prevalent malware test score | AV-TEST report| Microsoft analysis| +|---|---|---|---|---| +|January| 100.00%| 99.92%| [Report (Jan-Feb)](https://www.av-test.org/en/antivirus/home-windows/windows-7/february-2018/kaspersky-lab-internet-security-18.0-180557/)| [Analysis (Jan-Feb)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-blog-mmpc)| +|February| 100.00% | 100.00%|[Report (Jan-Feb)](https://www.av-test.org/en/antivirus/home-windows/windows-7/february-2018/kaspersky-lab-internet-security-18.0-180557/)| [Analysis (Jan-Feb)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-blog-mmpc)| +March |98.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA)| +April|100.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA)| +May|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|Analysis pending| +June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|Analysis pending| + +||| +|---|---| +|![Real-World](./images/RealWorld-67-percent.png)|![Prevalent Malware](./images/PrevalentMalware-67-percent.png)| +

+ +![Logo](./images/av-comparatives-logo-3.png) + +## AV-Comparatives: Perfect protection rating of 100% in the latest test + +AV-Comparatives is an independent organization offering systematic testing for security software such as PC/Mac-based antivirus products and mobile security solutions. + +The **Real-World Protection Test (Enterprise)** as defined by AV-Comparatives evaluates the “real-world” protection capabilities with default settings. The goal is to find out whether the security software protects the computer by either hindering the malware from changing any systems or remediating all changes if any were made. + +The **Malware Protection Test Enterprise** as defined by AV-Comparatives assesses a security program’s ability to protect a system against infection by malicious files before, during or after execution. It is only tested every *six months*. + +Note: Microsoft sees a wider and broader set of threats beyond just what’s tested in the AV-Comparatives evaluation. + +The below scores are the results of AV-Comparatives tests on **Windows Defender ATP antivirus capabilities**. The scores are specifically for the ability to block malware. + +|Month (2018)| Real-World test score| Malware test score (every 6 months)| +|---|---|---| +|February| 100.00%| N/A| +|March| 94.40%| 99.90%| +|April| 96.40%%| N/A| +|May| 100.00%| N/A| +|June| 99.50%%| N/A| +|July| 100.00%| N/A| + +* [Real-World Protection Test (Enterprise) July 2018](https://www.av-comparatives.org/tests/real-world-protection-test-july-2018-factsheet/) + +* [Real-World Protection Test (Enterprise) February - June 2018](https://www.av-comparatives.org/tests/real-world-protection-test-february-june-2018/) + +* [Malware Protection Test Enterprise March 2018](https://www.av-comparatives.org/tests/malware-protection-test-enterprise-march-2018-testresult/) + +## To what extent are tests representative of protection in the real world? + +It is important to remember that the capabilities within [Windows Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-blog-mmpc) provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses/) that are not factored into AV tests. Using these tests, customer can view one aspect of their security suite but can't assess the complete protection of all the security features. + +There are other technologies in nearly every endpoint security suite that address some of the latest and most sophisticated threats, but are not represented in AV tests. For example, the capabilities such as attack surface reduction and endpoint detection & response help prevent malware from getting onto devices in the first place. + + Customers need more comprehensive reports that demonstrate end to end protections, but until then customers can evaluate Windows Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Windows Defender ATP](https://www.microsoft.com/windowsforbusiness/windows-atp?ocid=cx-blog-mmpc) today, or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection). + +![ATP](./images/wdatp-pillars2.png) From a6515a25bfbac3c5af174887c4fe60db06a0ff50 Mon Sep 17 00:00:00 2001 From: Mihai Peicu <41653989+MihaiSP@users.noreply.github.com> Date: Mon, 20 Aug 2018 19:12:32 -0700 Subject: [PATCH 02/20] Update firewall-csp.md --- windows/client-management/mdm/firewall-csp.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/client-management/mdm/firewall-csp.md b/windows/client-management/mdm/firewall-csp.md index 2a75d65c24..4d654c47d2 100644 --- a/windows/client-management/mdm/firewall-csp.md +++ b/windows/client-management/mdm/firewall-csp.md @@ -266,9 +266,9 @@ Sample syncxml to provision the firewall settings to evaluate
  • "DNS"
  • "WINS"
  • "Intranet"
    • -
  • "RemoteCorpNetwork"
    • +
  • "RmtIntranet"
  • "Internet"
    • -
  • "PlayToRenderers"
    • +
  • "Ply2Renders"
  • "LocalSubnet" indicates any local address on the local subnet. This token is not case-sensitive.
  • A subnet can be specified using either the subnet mask or network prefix notation. If neither a subnet mask not a network prefix is specified, the subnet mask defaults to 255.255.255.255.
  • A valid IPv6 address.
    • From 92fafba25adad94eec0603a7004e7adda9117331 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Tue, 21 Aug 2018 08:51:33 -0700 Subject: [PATCH 03/20] removed percent signs --- .../threat-protection/intelligence/transparency-report.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/intelligence/transparency-report.md b/windows/security/threat-protection/intelligence/transparency-report.md index c3f5d23e0c..ea3e86f3e9 100644 --- a/windows/security/threat-protection/intelligence/transparency-report.md +++ b/windows/security/threat-protection/intelligence/transparency-report.md @@ -68,9 +68,9 @@ The below scores are the results of AV-Comparatives tests on **Windows Defender |---|---|---| |February| 100.00%| N/A| |March| 94.40%| 99.90%| -|April| 96.40%%| N/A| +|April| 96.40%| N/A| |May| 100.00%| N/A| -|June| 99.50%%| N/A| +|June| 99.50%| N/A| |July| 100.00%| N/A| * [Real-World Protection Test (Enterprise) July 2018](https://www.av-comparatives.org/tests/real-world-protection-test-july-2018-factsheet/) From 123e310cf6fd734bb63653edc83eb82b08a5730d Mon Sep 17 00:00:00 2001 From: Patti Short <35278231+shortpatti@users.noreply.github.com> Date: Tue, 21 Aug 2018 13:31:32 -0700 Subject: [PATCH 04/20] Update vpn-profile-options.md Corrected the OMA-URI example in the Apply ProfileXML using Intune section. --- windows/security/identity-protection/vpn/vpn-profile-options.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/windows/security/identity-protection/vpn/vpn-profile-options.md b/windows/security/identity-protection/vpn/vpn-profile-options.md index 01948e0ca4..3051e37b8b 100644 --- a/windows/security/identity-protection/vpn/vpn-profile-options.md +++ b/windows/security/identity-protection/vpn/vpn-profile-options.md @@ -304,7 +304,7 @@ After you configure the settings that you want using ProfileXML, you can apply i 5. Choose **Windows 10 and later** as the platform. 6. Choose **Custom** as the profile type and click **Add**. 8. Enter a name and (optionally) a description. -9. Enter the OMA-URI **./user/vendor/MSFT/_VPN profile name_/ProfileXML**. +9. Enter the OMA-URI **./user/vendor/MSFT/VPNv2/_VPN profile name_/ProfileXML**. 10. Set Data type to **String (XML file)**. 11. Upload the profile XML file. 12. Click **OK**. From f8ef9ce03b59379a76725f3add3fcb8e0411f9e3 Mon Sep 17 00:00:00 2001 From: MatthewMWR Date: Tue, 21 Aug 2018 14:50:47 -0700 Subject: [PATCH 05/20] Removing Windows Server from DH onboarding doc This was meant to be removed ages ago, but I just noticed it is still there. --- windows/deployment/update/device-health-monitor.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/deployment/update/device-health-monitor.md b/windows/deployment/update/device-health-monitor.md index 6e78e96a31..e8341b6fea 100644 --- a/windows/deployment/update/device-health-monitor.md +++ b/windows/deployment/update/device-health-monitor.md @@ -45,7 +45,6 @@ Use of Windows Analytics Device Health requires one of the following licenses: - Windows 10 Enterprise E3 or E5 per-device or per-user subscription (including Microsoft 365 F1, E3, or E5) - Windows 10 Education A3 or A5 (including Microsoft 365 Education A3 or A5) - Windows VDA E3 or E5 per-device or per-user subscription -- Windows Server 2016 and on You don't have to install Windows 10 Enterprise on a per-device basis--you just need enough of the above licenses for the number of devices using Device Health. From 0b3aa574078d24c325cf51bca0150512a9af0121 Mon Sep 17 00:00:00 2001 From: MatthewMWR Date: Tue, 21 Aug 2018 15:29:33 -0700 Subject: [PATCH 06/20] Remove non-existing field, and proposing a section to summarize revisions. Remove non-existing field PartA_UserSid, and proposing a new section to summarize revisions. --- ...d-diagnostic-data-windows-analytics-events-and-fields.md | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md b/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md index 9d31869696..3f4c11004e 100644 --- a/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md +++ b/windows/privacy/enhanced-diagnostic-data-windows-analytics-events-and-fields.md @@ -109,7 +109,6 @@ The following fields are available: - **isSystemManagedAccount:** Indicates if the user's account is System Managed - **isUnlockScenario:** Flag indicating whether the event is a Logon or an Unlock -- **PartA_UserSid:** The security identifier of the user - **userType:** Indicates the user type: 0 = unknown; 1 = local; 2 = Active Directory domain user; 3 = Microsoft Account; 4 = Azure Active Directory user ## Microsoft.Windows.LogonController.SignInFailure @@ -251,3 +250,8 @@ The following fields are available: - **WindowFlags:** Flags denoting runtime properties of an app window - **WindowHeight:** Number of vertical pixels in the application window - **WindowWidth:** Number of horizontal pixels in the application window + +# Revisions to the diagnostic data events and fields + +## PartA_UserSid removed +A previous revision of this list stated that a field named PartA_UserSid was a member of the event Microsoft.Windows.LogonController.LogonAndUnlockSubmit. This was incorrect. The list has been updated to reflect that no such field is present in the event. Note that you can use the Windows Diagnostic Data Viewer to review the contents of the event. From b9ca49ec597634978fe60aaaf0463c04bec25f22 Mon Sep 17 00:00:00 2001 From: andreiztm Date: Wed, 22 Aug 2018 11:23:33 +0300 Subject: [PATCH 07/20] Fix bullet list under the Installation notes The bullet list did not contain any break lines and was listed on the same line. --- windows/deployment/update/servicing-stack-updates.md | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/windows/deployment/update/servicing-stack-updates.md b/windows/deployment/update/servicing-stack-updates.md index 16dd909dd8..23321eb5ad 100644 --- a/windows/deployment/update/servicing-stack-updates.md +++ b/windows/deployment/update/servicing-stack-updates.md @@ -34,6 +34,6 @@ Typically, the improvements are reliability, security, and performance improveme ## Installation notes -• Servicing stack updates contain the full servicing stack; as a result, typically administrators only need to install the latest servicing stack update for the operating system. -• Installing servicing stack update does not require restarting the device, so installation should not be disruptive. -• Servicing stack update releases are specific to the operating system version (build number), much like quality updates. +* Servicing stack updates contain the full servicing stack; as a result, typically administrators only need to install the latest servicing stack update for the operating system. +* Installing servicing stack update does not require restarting the device, so installation should not be disruptive. +* Servicing stack update releases are specific to the operating system version (build number), much like quality updates. From 21b0bd7ffbdab9e97b25839faa293a7842b8d3c9 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Wed, 22 Aug 2018 09:13:44 -0700 Subject: [PATCH 08/20] update AV language --- .../threat-protection/intelligence/transparency-report.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/intelligence/transparency-report.md b/windows/security/threat-protection/intelligence/transparency-report.md index ea3e86f3e9..67003cd341 100644 --- a/windows/security/threat-protection/intelligence/transparency-report.md +++ b/windows/security/threat-protection/intelligence/transparency-report.md @@ -13,13 +13,13 @@ ms.date: 08/17/2018 # Top scoring in industry antivirus tests -[Antivirus capabilities](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10?ocid=cx-blog-mmpc) in Windows Defender Advanced Threat Protection ([Windows Defender ATP](https://www.microsoft.com/windowsforbusiness/windows-atp?ocid=cx-blog-mmpc)) **consistently achieve high scores** from independent tests, displaying how Windows Defender ATP is a top choice in the antivirus market. +[Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10?ocid=cx-blog-mmpc) **consistently achieves high scores** from independent tests, displaying how it is a top choice in the antivirus market. We want to be transparent and have gathered top industry reports that demonstrate our enterprise antivirus capabilities. Note that these tests only provide results for antivirus and do not test for additional security protections. In the real world, millions of devices are protected from cyberattacks every day, sometimes [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/). In many cases, customers might not even know they were protected. That's because Windows Defender ATP's [next generation protection](https://www.youtube.com/watch?v=Xy3MOxkX_o4) detects and stops malware at first sight by using predictive technologies, [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering/), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak/), behavioral analysis, and other advanced technologies. -Learn why [most enterprises use the antivirus capabilities in Windows Defender ATP](https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10). +Learn why [most enterprises use Windows Defender Antivirus](https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10).



    ![Logo](./images/av-test-logo.png) @@ -34,7 +34,7 @@ The AV-TEST Product Review and Certification Report tests on three categories: p Note: Microsoft sees a wider and broader set of threats beyond just what’s tested in the AV-TEST evaluation. -The below scores are the results of AV-TEST's evaluations on **Windows Defender ATP antivirus capabilities**. +The below scores are the results of AV-TEST's evaluations on **Windows Defender Antivirus**. |Month (2018)|Real-World test score| Prevalent malware test score | AV-TEST report| Microsoft analysis| |---|---|---|---|---| @@ -62,7 +62,7 @@ The **Malware Protection Test Enterprise** as defined by AV-Comparatives assesse Note: Microsoft sees a wider and broader set of threats beyond just what’s tested in the AV-Comparatives evaluation. -The below scores are the results of AV-Comparatives tests on **Windows Defender ATP antivirus capabilities**. The scores are specifically for the ability to block malware. +The below scores are the results of AV-Comparatives tests on **Windows Defender Antivirus**. The scores are specifically for the ability to block malware. |Month (2018)| Real-World test score| Malware test score (every 6 months)| |---|---|---| From a609a654b257c83fadc065d7eed27080f624f71c Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Wed, 22 Aug 2018 11:21:18 -0700 Subject: [PATCH 09/20] added transparency report --- .../threat-protection/intelligence/transparency-report.md | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/windows/security/threat-protection/intelligence/transparency-report.md b/windows/security/threat-protection/intelligence/transparency-report.md index 67003cd341..d2f2dc4aec 100644 --- a/windows/security/threat-protection/intelligence/transparency-report.md +++ b/windows/security/threat-protection/intelligence/transparency-report.md @@ -26,6 +26,8 @@ Learn why [most enterprises use Windows Defender Antivirus](https://docs.microso ## AV-TEST: Perfect protection score of 6.0/6.0 in the latest test +**[Analysis of the latest AV-TEST results](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)** + The AV-TEST Product Review and Certification Report tests on three categories: protection, performance, and usability. The scores listed below are for the protection category which has two scores: real world testing and the AV-TEST reference set (known as "prevalent malware"). **Real-World testing** as defined by AV-TEST refers to protection against zero-day malware attacks, inclusive of web and email threats. @@ -42,8 +44,8 @@ The below scores are the results of AV-TEST's evaluations on **Windows Defender |February| 100.00% | 100.00%|[Report (Jan-Feb)](https://www.av-test.org/en/antivirus/home-windows/windows-7/february-2018/kaspersky-lab-internet-security-18.0-180557/)| [Analysis (Jan-Feb)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-blog-mmpc)| March |98.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA)| April|100.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA)| -May|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|Analysis pending| -June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|Analysis pending| +May|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)| +June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)| ||| |---|---| From 98f23cc6edd73732cccb9f4e93989a8dfd152e0b Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 22 Aug 2018 13:57:29 -0700 Subject: [PATCH 10/20] removed partner center --- windows/deployment/windows-autopilot/windows-10-autopilot.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/windows/deployment/windows-autopilot/windows-10-autopilot.md b/windows/deployment/windows-autopilot/windows-10-autopilot.md index 794e515940..e73d7727a0 100644 --- a/windows/deployment/windows-autopilot/windows-10-autopilot.md +++ b/windows/deployment/windows-autopilot/windows-10-autopilot.md @@ -1,7 +1,7 @@ --- title: Overview of Windows Autopilot description: This topic goes over Windows Autopilot and how it helps setup OOBE Windows 10 devices. -keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune +keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, msfb, intune ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium @@ -9,7 +9,7 @@ ms.sitesec: library ms.pagetype: deploy author: coreyp-at-msft ms.author: coreyp -ms.date: 05/09/2018 +ms.date: 08/22/2018 --- # Overview of Windows Autopilot @@ -89,7 +89,6 @@ For guidance on how to register devices, configure and apply deployment profiles * [Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles) * [Microsoft Intune](https://docs.microsoft.com/intune/enrollment-autopilot) * [Microsoft 365 Business & Office 365 Admin](https://support.office.com/article/Create-and-edit-Autopilot-profiles-5cf7139e-cfa1-4765-8aad-001af1c74faa) -* [Partner Center](https://msdn.microsoft.com/partner-center/autopilot) ##### Configure company branding for OOBE From fe72cd0dd363b7daaea008d7183863a00be43a80 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Wed, 22 Aug 2018 14:01:17 -0700 Subject: [PATCH 11/20] wording update --- .../intelligence/transparency-report.md | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/intelligence/transparency-report.md b/windows/security/threat-protection/intelligence/transparency-report.md index d2f2dc4aec..a89924060f 100644 --- a/windows/security/threat-protection/intelligence/transparency-report.md +++ b/windows/security/threat-protection/intelligence/transparency-report.md @@ -19,14 +19,15 @@ We want to be transparent and have gathered top industry reports that demonstrat In the real world, millions of devices are protected from cyberattacks every day, sometimes [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/). In many cases, customers might not even know they were protected. That's because Windows Defender ATP's [next generation protection](https://www.youtube.com/watch?v=Xy3MOxkX_o4) detects and stops malware at first sight by using predictive technologies, [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering/), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak/), behavioral analysis, and other advanced technologies. -Learn why [most enterprises use Windows Defender Antivirus](https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10). +> [!TIP] +> Learn why [most enterprises use Windows Defender Antivirus](https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10).



    ![Logo](./images/av-test-logo.png) ## AV-TEST: Perfect protection score of 6.0/6.0 in the latest test -**[Analysis of the latest AV-TEST results](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)** +**[Analysis of the latest AV-TEST results](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)** The AV-TEST Product Review and Certification Report tests on three categories: protection, performance, and usability. The scores listed below are for the protection category which has two scores: real world testing and the AV-TEST reference set (known as "prevalent malware"). @@ -44,12 +45,12 @@ The below scores are the results of AV-TEST's evaluations on **Windows Defender |February| 100.00% | 100.00%|[Report (Jan-Feb)](https://www.av-test.org/en/antivirus/home-windows/windows-7/february-2018/kaspersky-lab-internet-security-18.0-180557/)| [Analysis (Jan-Feb)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-blog-mmpc)| March |98.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA)| April|100.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA)| -May|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)| -June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)| +May|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/) **Latest**|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)| +June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/) **Latest**|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)| ||| |---|---| -|![Real-World](./images/RealWorld-67-percent.png)|![Prevalent Malware](./images/PrevalentMalware-67-percent.png)| +|![Graph describing Real-World detection rate](./images/RealWorld-67-percent.png)|![Prevalent Malware](./images/PrevalentMalware-67-percent.png)|

    ![Logo](./images/av-comparatives-logo-3.png) @@ -87,6 +88,6 @@ It is important to remember that the capabilities within [Windows Defender ATP]( There are other technologies in nearly every endpoint security suite that address some of the latest and most sophisticated threats, but are not represented in AV tests. For example, the capabilities such as attack surface reduction and endpoint detection & response help prevent malware from getting onto devices in the first place. - Customers need more comprehensive reports that demonstrate end to end protections, but until then customers can evaluate Windows Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Windows Defender ATP](https://www.microsoft.com/windowsforbusiness/windows-atp?ocid=cx-blog-mmpc) today, or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection). +Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Windows Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Windows Defender ATP](https://www.microsoft.com/windowsforbusiness/windows-atp?ocid=cx-blog-mmpc), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection). ![ATP](./images/wdatp-pillars2.png) From 6584ff0b3f9dad1a30545144a52d7325fda4d23b Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Wed, 22 Aug 2018 14:14:51 -0700 Subject: [PATCH 12/20] removed link --- windows/deployment/windows-autopilot/TOC.md | 1 - 1 file changed, 1 deletion(-) diff --git a/windows/deployment/windows-autopilot/TOC.md b/windows/deployment/windows-autopilot/TOC.md index 13ef2ce85b..ac183ef6d1 100644 --- a/windows/deployment/windows-autopilot/TOC.md +++ b/windows/deployment/windows-autopilot/TOC.md @@ -17,7 +17,6 @@ ### [Administering Autopilot via Microsoft Store for Business](https://docs.microsoft.com/microsoft-store/add-profile-to-devices#manage-autopilot-deployment-profiles) ### [Administering Autopilot via Microsoft Intune](https://docs.microsoft.com/intune/enrollment-autopilot) ### [Administering Autopilot via Microsoft 365 Business & Office 365 Admin portal](https://support.office.com/article/Create-and-edit-Autopilot-profiles-5cf7139e-cfa1-4765-8aad-001af1c74faa) -### [Administering Autopilot via Partner Center](https://msdn.microsoft.com/partner-center/autopilot) ## Getting started ### [Demonstrate Autopilot deployment on a VM](demonstrate-deployment-on-vm.md) ## [Troubleshooting](troubleshooting.md) From 32cc9bf60f38370ae040ff35676561aed327b25f Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Wed, 22 Aug 2018 16:33:27 -0700 Subject: [PATCH 13/20] ocid --- .../intelligence/transparency-report.md | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/windows/security/threat-protection/intelligence/transparency-report.md b/windows/security/threat-protection/intelligence/transparency-report.md index a89924060f..90812ff15b 100644 --- a/windows/security/threat-protection/intelligence/transparency-report.md +++ b/windows/security/threat-protection/intelligence/transparency-report.md @@ -13,17 +13,17 @@ ms.date: 08/17/2018 # Top scoring in industry antivirus tests -[Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10?ocid=cx-blog-mmpc) **consistently achieves high scores** from independent tests, displaying how it is a top choice in the antivirus market. +[Windows Defender Antivirus](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10?ocid=cx-docs-avreports) **consistently achieves high scores** from independent tests, displaying how it is a top choice in the antivirus market. We want to be transparent and have gathered top industry reports that demonstrate our enterprise antivirus capabilities. Note that these tests only provide results for antivirus and do not test for additional security protections. -In the real world, millions of devices are protected from cyberattacks every day, sometimes [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/). In many cases, customers might not even know they were protected. That's because Windows Defender ATP's [next generation protection](https://www.youtube.com/watch?v=Xy3MOxkX_o4) detects and stops malware at first sight by using predictive technologies, [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering/), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak/), behavioral analysis, and other advanced technologies. +In the real world, millions of devices are protected from cyberattacks every day, sometimes [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/). In many cases, customers might not even know they were protected. That's because Windows Defender Advanced Threat Protection ([Windows Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-blog-mmpc)) [next generation protection](https://www.youtube.com/watch?v=Xy3MOxkX_o4) detects and stops malware at first sight by using predictive technologies, [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering/), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak/), behavioral analysis, and other advanced technologies. > [!TIP] -> Learn why [most enterprises use Windows Defender Antivirus](https://docs.microsoft.com/windows/threat-protection/windows-defender-antivirus/windows-defender-antivirus-in-windows-10). +> Learn why [Windows Defender Antivirus is the most deployed in the enterprise](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise/).



    -![Logo](./images/av-test-logo.png) +![AV-TEST logo](./images/av-test-logo.png) ## AV-TEST: Perfect protection score of 6.0/6.0 in the latest test @@ -50,10 +50,10 @@ June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/b ||| |---|---| -|![Graph describing Real-World detection rate](./images/RealWorld-67-percent.png)|![Prevalent Malware](./images/PrevalentMalware-67-percent.png)| +|![Graph describing Real-World detection rate](./images/RealWorld-67-percent.png)|![Graph describing Prevalent Malware](./images/PrevalentMalware-67-percent.png)|

    -![Logo](./images/av-comparatives-logo-3.png) +![AV-Comparatives Logo](./images/av-comparatives-logo-3.png) ## AV-Comparatives: Perfect protection rating of 100% in the latest test From 784027a7d3330ac7bcaf6250f0321c85ff7c0d08 Mon Sep 17 00:00:00 2001 From: peteregerton <30479892+peteregerton@users.noreply.github.com> Date: Thu, 23 Aug 2018 13:16:02 +0100 Subject: [PATCH 14/20] Incorrect Windows version stated Changed v 1802 to v1803 --- browsers/edge/includes/allow-config-updates-books-include.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/browsers/edge/includes/allow-config-updates-books-include.md b/browsers/edge/includes/allow-config-updates-books-include.md index 325293262e..ee403d0ebc 100644 --- a/browsers/edge/includes/allow-config-updates-books-include.md +++ b/browsers/edge/includes/allow-config-updates-books-include.md @@ -1,5 +1,5 @@ ->*Supported versions: Microsoft Edge on Windows 10, version 1802 or later*
    +>*Supported versions: Microsoft Edge on Windows 10, version 1803 or later*
    >*Default setting: Enabled or not configured (Allowed)* [!INCLUDE [allow-configuration-updates-for-books-library-shortdesc](../shortdesc/allow-configuration-updates-for-books-library-shortdesc.md)] From f5bf846839bb73c7af78f0d3d89a6ed99dbed1a8 Mon Sep 17 00:00:00 2001 From: peteregerton <30479892+peteregerton@users.noreply.github.com> Date: Thu, 23 Aug 2018 13:17:13 +0100 Subject: [PATCH 15/20] Incorrect Windows version Changed v1802 to v1803 --- .../edge/includes/allow-ext-telemetry-books-tab-include.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md b/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md index 5d516b75b6..68b5ecc3da 100644 --- a/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md +++ b/browsers/edge/includes/allow-ext-telemetry-books-tab-include.md @@ -1,5 +1,5 @@ ->*Supported versions: Microsoft Edge on Windows 10, version 1802 or later*
    +>*Supported versions: Microsoft Edge on Windows 10, version 1803 or later*
    >*Default setting: Disabled or not configured (Gather and send only basic diagnostic data)* [!INCLUDE [allow-extended-telemetry-for-books-tab-shortdesc](../shortdesc/allow-extended-telemetry-for-books-tab-shortdesc.md)] @@ -32,4 +32,4 @@ - **Value type:** REG_DWORD -
    \ No newline at end of file +
    From 072f69671a6930dcc2d5a74de163b97e2cf0722c Mon Sep 17 00:00:00 2001 From: bertdeb Date: Thu, 23 Aug 2018 11:08:08 -0400 Subject: [PATCH 16/20] Update high-level-architecture-of-mbam-25-with-stand-alone-topology.md Removed erroneous inclusion of clients communicating directly with recovery database. --- ...h-level-architecture-of-mbam-25-with-stand-alone-topology.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-stand-alone-topology.md b/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-stand-alone-topology.md index c494392cfe..1287ee6b02 100644 --- a/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-stand-alone-topology.md +++ b/mdop/mbam-v25/high-level-architecture-of-mbam-25-with-stand-alone-topology.md @@ -109,7 +109,7 @@ This feature is configured on a computer running Windows Server. The **monitoring web services** are used by the MBAM Client and the websites to communicate to the database. **Important**   -The Monitoring Web Service is no longer available in Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 SP1 since the MBAM Client and the websites communicate directly with the Recovery Database. +The Monitoring Web Service is no longer available in Microsoft BitLocker Administration and Monitoring (MBAM) 2.5 SP1 since the MBAM websites communicate directly with the Recovery Database.   From 7a6d86e03a6a335abd63027caacdec8b88653151 Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 23 Aug 2018 09:41:57 -0700 Subject: [PATCH 17/20] Wording updates --- .../intelligence/transparency-report.md | 26 ++++++++----------- 1 file changed, 11 insertions(+), 15 deletions(-) diff --git a/windows/security/threat-protection/intelligence/transparency-report.md b/windows/security/threat-protection/intelligence/transparency-report.md index 90812ff15b..420c66d18a 100644 --- a/windows/security/threat-protection/intelligence/transparency-report.md +++ b/windows/security/threat-protection/intelligence/transparency-report.md @@ -31,11 +31,9 @@ In the real world, millions of devices are protected from cyberattacks every day The AV-TEST Product Review and Certification Report tests on three categories: protection, performance, and usability. The scores listed below are for the protection category which has two scores: real world testing and the AV-TEST reference set (known as "prevalent malware"). -**Real-World testing** as defined by AV-TEST refers to protection against zero-day malware attacks, inclusive of web and email threats. +**Real-World testing** as defined by AV-TEST attempts to test protection against zero-day malware attacks, inclusive of web and email threats. -**Prevalent malware** as defined by AV-TEST refers to detection of widespread and prevalent malware discovered in the last four weeks. - -Note: Microsoft sees a wider and broader set of threats beyond just what’s tested in the AV-TEST evaluation. +**Prevalent malware** as defined by AV-TEST attempts to test detection of widespread and prevalent malware discovered in the last four weeks. The below scores are the results of AV-TEST's evaluations on **Windows Defender Antivirus**. @@ -45,8 +43,8 @@ The below scores are the results of AV-TEST's evaluations on **Windows Defender |February| 100.00% | 100.00%|[Report (Jan-Feb)](https://www.av-test.org/en/antivirus/home-windows/windows-7/february-2018/kaspersky-lab-internet-security-18.0-180557/)| [Analysis (Jan-Feb)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-blog-mmpc)| March |98.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA)| April|100.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA)| -May|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/) **Latest**|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)| -June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/) **Latest**|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)| +May|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/) |[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I) **Latest**| +June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I) **Latest**| ||| |---|---| @@ -59,13 +57,11 @@ June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/b AV-Comparatives is an independent organization offering systematic testing for security software such as PC/Mac-based antivirus products and mobile security solutions. -The **Real-World Protection Test (Enterprise)** as defined by AV-Comparatives evaluates the “real-world” protection capabilities with default settings. The goal is to find out whether the security software protects the computer by either hindering the malware from changing any systems or remediating all changes if any were made. +The **Real-World Protection Test (Enterprise)** as defined by AV-Comparatives attempts to evaluate the “real-world” protection capabilities with default settings. The goal is to find out whether the security software protects the computer by either hindering the malware from changing any systems or remediating all changes if any were made. -The **Malware Protection Test Enterprise** as defined by AV-Comparatives assesses a security program’s ability to protect a system against infection by malicious files before, during or after execution. It is only tested every *six months*. +The **Malware Protection Test Enterprise** as defined by AV-Comparatives attempts to assesses a security program’s ability to protect a system against infection by malicious files before, during or after execution. It is only tested every six months. -Note: Microsoft sees a wider and broader set of threats beyond just what’s tested in the AV-Comparatives evaluation. - -The below scores are the results of AV-Comparatives tests on **Windows Defender Antivirus**. The scores are specifically for the ability to block malware. +The below scores are the results of AV-Comparatives tests on **Windows Defender Antivirus**. The scores represent the percentage of blocked malware. |Month (2018)| Real-World test score| Malware test score (every 6 months)| |---|---|---| @@ -76,17 +72,17 @@ The below scores are the results of AV-Comparatives tests on **Windows Defender |June| 99.50%| N/A| |July| 100.00%| N/A| -* [Real-World Protection Test (Enterprise) July 2018](https://www.av-comparatives.org/tests/real-world-protection-test-july-2018-factsheet/) - * [Real-World Protection Test (Enterprise) February - June 2018](https://www.av-comparatives.org/tests/real-world-protection-test-february-june-2018/) * [Malware Protection Test Enterprise March 2018](https://www.av-comparatives.org/tests/malware-protection-test-enterprise-march-2018-testresult/) +* [Real-World Protection Test (Enterprise) July 2018](https://www.av-comparatives.org/tests/real-world-protection-test-july-2018-factsheet/) **Latest**| + ## To what extent are tests representative of protection in the real world? -It is important to remember that the capabilities within [Windows Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-blog-mmpc) provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses/) that are not factored into AV tests. Using these tests, customer can view one aspect of their security suite but can't assess the complete protection of all the security features. +It is important to remember that Microsoft sees a wider and broader set of threats beyond just what’s tested in the AV evaluations highlighted above. The capabilities within [Windows Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-blog-mmpc) also provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses/) that are not factored into AV tests. Using these tests, customer can view one aspect of their security suite but can't assess the complete protection of all the security features. -There are other technologies in nearly every endpoint security suite that address some of the latest and most sophisticated threats, but are not represented in AV tests. For example, the capabilities such as attack surface reduction and endpoint detection & response help prevent malware from getting onto devices in the first place. +There are other technologies in nearly every endpoint security suite not represented in AV tests that address some of the latest and most sophisticated threats. For example, the capabilities such as attack surface reduction and endpoint detection & response help prevent malware from getting onto devices in the first place. Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Windows Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Windows Defender ATP](https://www.microsoft.com/windowsforbusiness/windows-atp?ocid=cx-blog-mmpc), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection). From dee46c4e51dc70e1064fcb97a8b30512a7bcc2bf Mon Sep 17 00:00:00 2001 From: Beth Levin Date: Thu, 23 Aug 2018 09:56:27 -0700 Subject: [PATCH 18/20] ocid --- .../intelligence/transparency-report.md | 22 +++++++++---------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/windows/security/threat-protection/intelligence/transparency-report.md b/windows/security/threat-protection/intelligence/transparency-report.md index 420c66d18a..b087d99c47 100644 --- a/windows/security/threat-protection/intelligence/transparency-report.md +++ b/windows/security/threat-protection/intelligence/transparency-report.md @@ -17,17 +17,17 @@ ms.date: 08/17/2018 We want to be transparent and have gathered top industry reports that demonstrate our enterprise antivirus capabilities. Note that these tests only provide results for antivirus and do not test for additional security protections. -In the real world, millions of devices are protected from cyberattacks every day, sometimes [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign/). In many cases, customers might not even know they were protected. That's because Windows Defender Advanced Threat Protection ([Windows Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-blog-mmpc)) [next generation protection](https://www.youtube.com/watch?v=Xy3MOxkX_o4) detects and stops malware at first sight by using predictive technologies, [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering/), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak/), behavioral analysis, and other advanced technologies. +In the real world, millions of devices are protected from cyberattacks every day, sometimes [milliseconds after a campaign starts](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/07/behavior-monitoring-combined-with-machine-learning-spoils-a-massive-dofoil-coin-mining-campaign?ocid=cx-docs-avreports). In many cases, customers might not even know they were protected. That's because Windows Defender Advanced Threat Protection ([Windows Defender ATP](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports)) [next generation protection](https://www.youtube.com/watch?v=Xy3MOxkX_o4) detects and stops malware at first sight by using predictive technologies, [machine learning](https://cloudblogs.microsoft.com/microsoftsecure/2018/06/07/machine-learning-vs-social-engineering?ocid=cx-docs-avreports), [artificial intelligence](https://cloudblogs.microsoft.com/microsoftsecure/2018/02/14/how-artificial-intelligence-stopped-an-emotet-outbreak?ocid=cx-docs-avreports), behavioral analysis, and other advanced technologies. > [!TIP] -> Learn why [Windows Defender Antivirus is the most deployed in the enterprise](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise/). +> Learn why [Windows Defender Antivirus is the most deployed in the enterprise](https://cloudblogs.microsoft.com/microsoftsecure/2018/03/22/why-windows-defender-antivirus-is-the-most-deployed-in-the-enterprise?ocid=cx-docs-avreports).



    ![AV-TEST logo](./images/av-test-logo.png) ## AV-TEST: Perfect protection score of 6.0/6.0 in the latest test -**[Analysis of the latest AV-TEST results](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I)** +**[Analysis of the latest AV-TEST results](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I?ocid=cx-docs-avreports)** The AV-TEST Product Review and Certification Report tests on three categories: protection, performance, and usability. The scores listed below are for the protection category which has two scores: real world testing and the AV-TEST reference set (known as "prevalent malware"). @@ -39,12 +39,12 @@ The below scores are the results of AV-TEST's evaluations on **Windows Defender |Month (2018)|Real-World test score| Prevalent malware test score | AV-TEST report| Microsoft analysis| |---|---|---|---|---| -|January| 100.00%| 99.92%| [Report (Jan-Feb)](https://www.av-test.org/en/antivirus/home-windows/windows-7/february-2018/kaspersky-lab-internet-security-18.0-180557/)| [Analysis (Jan-Feb)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-blog-mmpc)| -|February| 100.00% | 100.00%|[Report (Jan-Feb)](https://www.av-test.org/en/antivirus/home-windows/windows-7/february-2018/kaspersky-lab-internet-security-18.0-180557/)| [Analysis (Jan-Feb)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-blog-mmpc)| -March |98.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA)| -April|100.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA)| -May|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/) |[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I) **Latest**| -June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I) **Latest**| +|January| 100.00%| 99.92%| [Report (Jan-Feb)](https://www.av-test.org/en/antivirus/home-windows/windows-7/february-2018/kaspersky-lab-internet-security-18.0-180557/)| [Analysis (Jan-Feb)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-docs-avreports)| +|February| 100.00% | 100.00%|[Report (Jan-Feb)](https://www.av-test.org/en/antivirus/home-windows/windows-7/february-2018/kaspersky-lab-internet-security-18.0-180557/)| [Analysis (Jan-Feb)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE27O5A?ocid=cx-docs-avreports)| +March |98.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA?ocid=cx-docs-avreports)| +April|100.00%| 100.00%|[Report (Mar-Apr)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/april-2018/microsoft-windows-defender-antivirus-4.12-181574/)|[Analysis (Mar-Apr)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2ouJA?ocid=cx-docs-avreports)| +May|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/) |[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I?ocid=cx-docs-avreports) **Latest**| +June|100.00%| 100.00%| [Report (May-Jun)](https://www.av-test.org/en/antivirus/business-windows-client/windows-10/june-2018/microsoft-windows-defender-antivirus-4.12-182374/)|[Analysis (May-Jun)](https://query.prod.cms.rt.microsoft.com/cms/api/am/binary/RE2v60I?ocid=cx-docs-avreports) **Latest**| ||| |---|---| @@ -80,10 +80,10 @@ The below scores are the results of AV-Comparatives tests on **Windows Defender ## To what extent are tests representative of protection in the real world? -It is important to remember that Microsoft sees a wider and broader set of threats beyond just what’s tested in the AV evaluations highlighted above. The capabilities within [Windows Defender ATP](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=cx-blog-mmpc) also provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses/) that are not factored into AV tests. Using these tests, customer can view one aspect of their security suite but can't assess the complete protection of all the security features. +It is important to remember that Microsoft sees a wider and broader set of threats beyond just what’s tested in the AV evaluations highlighted above. The capabilities within [Windows Defender ATP](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=cx-docs-avreports) also provide [additional layers of protection](https://cloudblogs.microsoft.com/microsoftsecure/2017/12/11/detonating-a-bad-rabbit-windows-defender-antivirus-and-layered-machine-learning-defenses?ocid=cx-docs-avreports) that are not factored into AV tests. Using these tests, customer can view one aspect of their security suite but can't assess the complete protection of all the security features. There are other technologies in nearly every endpoint security suite not represented in AV tests that address some of the latest and most sophisticated threats. For example, the capabilities such as attack surface reduction and endpoint detection & response help prevent malware from getting onto devices in the first place. -Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Windows Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Windows Defender ATP](https://www.microsoft.com/windowsforbusiness/windows-atp?ocid=cx-blog-mmpc), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection). +Microsoft is highly engaged in working with several independent testers to evolve security testing to focus on the end-to-end security stack. In the meantime, customers can evaluate Windows Defender Advanced Threat Protection in their own networks by signing up for a [90-day trial of Windows Defender ATP](https://www.microsoft.com/windowsforbusiness/windows-atp?ocid=cx-docs-avreports), or [enabling Preview features on existing tenants](https://docs.microsoft.com/windows/security/threat-protection/windows-defender-atp/preview-settings-windows-defender-advanced-threat-protection?ocid=cx-docs-avreports). ![ATP](./images/wdatp-pillars2.png) From 139d0ed0c2f874a3b1a87b00160733c3487eb89b Mon Sep 17 00:00:00 2001 From: Justin Hall Date: Thu, 23 Aug 2018 11:09:10 -0700 Subject: [PATCH 19/20] updated title --- ...d-security-and-windows-defender-application-control.md | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md b/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md index 8a5fc0d12d..805eeff313 100644 --- a/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md +++ b/windows/security/threat-protection/device-guard/introduction-to-device-guard-virtualization-based-security-and-windows-defender-application-control.md @@ -1,15 +1,15 @@ --- -title: Windows Defender Application Control Configurable Code Integrity and Virtualization-based security (Windows 10) -description: Microsoft Windows 10 has a feature set that consists of both hardware and software system integrity hardening capabilites that revolutionize the Windows operating system’s security. +title: Device Guard is the combination of Windows Defender Application Control and Virtualization-based security (Windows 10) +description: Device Guard consists of both hardware and software system integrity hardening capabilites that can be deployed separately or in combination. keywords: virtualization, security, malware ms.prod: w10 ms.mktglfcycl: deploy ms.localizationpriority: medium author: mdsakibMSFT -ms.date: 04/19/2018 +ms.date: 08/23/2018 --- -# Windows Defender Application Control Configurable Code Integrity and Virtualization-based security (aka Windows Defender Device Guard) +# Device Guard: Windows Defender Application Control Configurable Code Integrity and Virtualization-based security **Applies to** - Windows 10 From da9679edc014c1cbe126ccc80016f4d80cfca198 Mon Sep 17 00:00:00 2001 From: Benjamin Howorth Date: Thu, 23 Aug 2018 19:39:23 +0000 Subject: [PATCH 20/20] Updated inclusive-classroom-it-admin.md fixing table bug --- education/get-started/inclusive-classroom-it-admin.md | 2 -- 1 file changed, 2 deletions(-) diff --git a/education/get-started/inclusive-classroom-it-admin.md b/education/get-started/inclusive-classroom-it-admin.md index def3d886d3..5500fe19dc 100644 --- a/education/get-started/inclusive-classroom-it-admin.md +++ b/education/get-started/inclusive-classroom-it-admin.md @@ -29,7 +29,6 @@ You will also learn how to deploy apps using Microsoft Intune, turn on or off Ea | Read aloud with simultaneous highlighting |
    • OneNote 2016 (add-in), OneNote Online, OneNote for Windows 10, OneNote for iPad, OneNote Mac
    • Word 2016, Word Online, Word Mac, Word for iOS
    • Outlook 2016, Outlook Web Access
    • Office Lens on iOS, Android
    |

    X

    (N/A for Word for iOS, Word Online, Outlook Web Access, or Office Lens)

    |

    X

    (N/A for Word for iOS, Word Online, Outlook Web Access, or Office Lens)

    |

    X

    |

    X

    (N/A for Outlook PC)

    |

    X

    (N/A for any OneNote apps or Outlook PC)

    | | Adjustable text spacing and font size |
    • OneNote 2016 (add-in), OneNote Online, OneNote for Windows 10, OneNote for iPad, OneNote Mac
    • Word 2016, Word Online, Word Mac, Word for iPad
    • Outlook Web Access
    • Office Lens on iOS, Android
    |

    X

    (N/A for Word for iOS, Word Online, Outlook Web Access, or Office Lens)

    |

    X

    (N/A for Word for iOS, Word Online, Outlook Web Access, or Office Lens)

    |

    X

    |

    X

    |

    X

    (N/A for any OneNote apps)

    | | Syllabification |
    • OneNote 2016 (add-in), OneNote Online, OneNote for Windows 10, OneNote for iPad, OneNote Mac
    • Word Online
    • Outlook Web Access
    | |

    X

    (N/A for Word for iOS, Word Online, Outlook Web Access)

    |

    X

    (N/A for Word iOS)

    |

    X

    (N/A for Word iOS)

    |

    X

    (N/A for any OneNote apps or Word iOS)

    | - | Parts of speech identification |
    • OneNote 2016 (add-in), OneNote Online, OneNote for Windows 10, OneNote for iPad, OneNote Mac
    • Word 2016, Word Online, Word Mac, Word for iOS
    • Outlook 2016, Outlook Web Access
    • Office Lens on iOS, Android
    |

    X

    (N/A for Word Online, Outlook Web Access)

    |

    X

    (N/A for Word Online, Outlook Web Access)

    |

    X

    (N/A for any OneNote apps)

    |

    X

    (N/A for any OneNote apps)

    |

    X

    (N/A for any OneNote apps)

    | | Line focus mode |
    • Word 2016, Word Online, Word Mac, Word for iOS
    • Outlook 2016, Outlook Web Access
    • Office Lens on iOS, Android
    | |

    X

    (N/A for Word Online, Outlook Web Access)

    |

    X

    (N/A for any OneNote apps)

    |

    X

    (N/A for any OneNote apps)

    |

    X

    (N/A for any OneNote apps)

    | | Picture Dictionary |
    • Word 2016, Word Online, Word Mac, Word for iOS
    • Outlook 2016, Outlook Web Access
    • Office Lens on iOS, Android
    | |

    X

    (N/A for Word Online, Outlook Web Access)

    |

    X

    (N/A for any OneNote apps)

    |

    X

    (N/A for any OneNote apps)

    |

    X

    (N/A for any OneNote apps)

    | @@ -48,7 +47,6 @@ You will also learn how to deploy apps using Microsoft Intune, turn on or off Ea | Creating accessible content features | Available in which apps|Office 2016 MSI|Office 2019| Office 365 ProPlus Monthly (C2R) | Office 365 ProPlus Semi Annual (C2R) | Office 365 ProPlus Annual (C2R) | |---|---|---|---|---|---|---| - | Accessibility Checker |
    • All Office 365 authoring applications on PC, Mac, Web
    | |

    X

    |

    X

    | | | | Accessible Templates |
    • Word for PCs, Mac
    • Excel for PCs, Mac
    • PowerPoint for PCs, Mac
    • Sway on iOS, Web, Windows 10
    | |

    X

    |

    X

    | | | | Ability to add alt-text for images |
    • Word for PCs (includes automatic suggestions for image descriptions)
    • SharePoint Online (includes automatic suggestions for image descriptions)
    • PowerPoint for PCs (includes automatic suggestions for image descriptions)
    • OneNote (includes automatic extraction of text in images)
    • All Office 365 authoring applications (include ability to add alt-text manually)
    |

    X

    |

    X

    |

    X

    | | |