| Home | @@ -57,12 +60,13 @@ Allows the administrator to require storage card encryption on the device. This |
|---|
| Home | @@ -112,7 +118,7 @@ Allows the administrator to require encryption to be turned on by using BitLocke |
|---|
| Home | @@ -176,6 +185,8 @@ Allows you to set the default encryption method for each of the different drive |
|---|
| Home | @@ -254,6 +270,8 @@ This setting is a direct mapping to the Bitlocker Group Policy "Require add |
|---|
| Home | @@ -351,6 +374,8 @@ This setting is a direct mapping to the Bitlocker Group Policy "Configure m |
|---|
| Home | @@ -420,6 +451,8 @@ This setting is a direct mapping to the Bitlocker Group Policy "Configure p |
|---|
| Home | @@ -501,6 +540,8 @@ This setting is a direct mapping to the Bitlocker Group Policy "Choose how |
|---|
| Home | @@ -591,6 +637,8 @@ This setting is a direct mapping to the Bitlocker Group Policy "Choose how |
|---|
| Home | @@ -689,6 +742,8 @@ This setting is a direct mapping to the Bitlocker Group Policy "Deny write |
|---|
| Home | @@ -751,6 +811,8 @@ This setting is a direct mapping to the Bitlocker Group Policy "Deny write |
|---|
| Home | @@ -831,12 +895,13 @@ Allows the admin to disable the warning prompt for other disk encryption on the |
|---|
| Home | @@ -916,15 +991,28 @@ This setting initiates a client-driven recovery password refresh after an OS dri |
|---|
| Home | @@ -957,14 +1046,21 @@ Each server-side recovery key rotation is represented by a request ID. The serve |
|---|
| Home | @@ -985,15 +1081,25 @@ This node reports compliance state of device encryption on the system. |
|---|
| Home | @@ -1021,11 +1128,21 @@ Status code can be one of the following: |
|---|
| Home | @@ -1046,6 +1163,9 @@ This node needs to be queried in synchronization with RotateRecoveryPasswordsSta |
|---|
| Windows Edition | +Supported? | +
|---|---|
| Home | + |
+
| Pro | +7 |
+
| Business | +7 |
+
| Enterprise | +7 |
+
| Education | +7 |
+
| Details | Originating update | Status | History |
| Apps using Visual Basic 6 (VB6), VBA, and VBScript may stop responding with error After installing KB4512501, applications that were made using Visual Basic 6 (VB6), macros using Visual Basic for Applications (VBA), and scripts or apps using Visual Basic Scripting Edition (VBScript) may stop responding and you may receive an \"invalid procedure call error.\" Affected platforms:
Resolution: This issue was resolved in KB4512509. The ‘optional’ update will be available on Microsoft Update Catalog, Windows Update, Microsoft Update and Windows Server Update Services (WSUS). As with any 'optional' update, you will need to Check for updates to receive KB4512509 and install. For instructions, see Update Windows 10. Note Windows Update for Business customers should apply the update via Microsoft Update Catalog or Windows Server Update Services (WSUS). Back to top | OS Build 17134.950 August 13, 2019 KB4512501 | Resolved KB4512509 | Resolved: August 19, 2019 02:00 PM PT Opened: August 14, 2019 03:34 PM PT |
| Details | Originating update | Status | History |
| Devices starting using PXE from a WDS or SCCM servers may fail to start Devices that start up using Preboot Execution Environment (PXE) images from Windows Deployment Services (WDS) or System Center Configuration Manager (SCCM) may fail to start with the error \"Status: 0xc0000001, Info: A required device isn't connected or can't be accessed\" after installing KB4503286 on a WDS server. Affected platforms:
Resolution: This issue was resolved in KB4512509. Back to top | OS Build 17134.829 June 11, 2019 KB4503286 | Resolved KB4512509 | Resolved: August 19, 2019 02:00 PM PT Opened: July 10, 2019 02:51 PM PT |
| Summary | Originating update | Status | Last updated |
| You might encounter issues with KB4502496 You might encounter issues trying to install or after installing KB4502496 See details > | N/A February 11, 2019 KB4502496 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4502496 You might encounter issues trying to install or after installing KB4502496 See details > | N/A February 11, 2020 KB4502496 | Mitigated | February 15, 2020 01:22 AM PT |
| TLS connections might fail or timeout Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption. See details > | OS Build 10240.18368 October 08, 2019 KB4520011 | Mitigated External | November 05, 2019 03:36 PM PT |
| Certain operations performed on a Cluster Shared Volume may fail Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5). See details > | OS Build 10240.18094 January 08, 2019 KB4480962 | Mitigated | April 25, 2019 02:00 PM PT |
| Details | Originating update | Status | History |
| You might encounter issues with KB4502496 You might encounter issues trying to install or after installing KB4502496. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4502496) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4502496 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4502496 You might encounter issues trying to install or after installing KB4502496. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4502496) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4502496 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| Summary | Originating update | Status | Last updated |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| Windows may not start on certain Lenovo and Fujitsu laptops with less than 8GB of RAM Windows may fail to start on certain Lenovo and Fujitsu laptops that have less than 8 GB of RAM. See details > | OS Build 14393.2608 November 13, 2018 KB4467691 | Resolved External | January 23, 2020 02:08 PM PT |
| TLS connections might fail or timeout Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption. See details > | OS Build 14393.3274 October 08, 2019 KB4519998 | Mitigated External | November 05, 2019 03:36 PM PT |
| Certain operations performed on a Cluster Shared Volume may fail Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5). See details > | OS Build 14393.2724 January 08, 2019 KB4480961 | Mitigated | April 25, 2019 02:00 PM PT |
| Details | Originating update | Status | History |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| Summary | Originating update | Status | Last updated |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| Unable to create local users in Chinese, Japanese and Korean during device setup You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE. See details > | OS Build 16299.1387 September 10, 2019 KB4516066 | Resolved KB4534318 | January 23, 2020 02:00 PM PT |
| TLS connections might fail or timeout Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption. See details > | OS Build 16299.1451 October 08, 2019 KB4520004 | Mitigated External | November 05, 2019 03:36 PM PT |
| Certain operations performed on a Cluster Shared Volume may fail Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5). See details > | OS Build 16299.904 January 08, 2019 KB4480978 | Mitigated | April 25, 2019 02:00 PM PT |
| Details | Originating update | Status | History |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| Summary | Originating update | Status | Last updated |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| Unable to create local users in Chinese, Japanese and Korean during device setup You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE. See details > | OS Build 17134.1006 September 10, 2019 KB4516058 | Resolved KB4534308 | January 23, 2020 02:00 PM PT |
| TLS connections might fail or timeout Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption. See details > | OS Build 17134.1069 October 08, 2019 KB4520008 | Mitigated External | November 05, 2019 03:36 PM PT |
| Certain operations performed on a Cluster Shared Volume may fail Operations performed on files or folders on a CSV may fail with the error: STATUS_BAD_IMPERSONATION_LEVEL (0xC00000A5). See details > | OS Build 17134.523 January 08, 2019 KB4480966 | Mitigated | April 25, 2019 02:00 PM PT |
| Details | Originating update | Status | History |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| Summary | Originating update | Status | Last updated |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| Unable to create local users in Chinese, Japanese and Korean during device setup You might be unable to create users in Chinese, Japanese and Korean using Input Method Editor (IME) during OOBE. See details > | OS Build 17763.737 September 10, 2019 KB4512578 | Resolved KB4534321 | January 23, 2020 02:00 PM PT |
| TLS connections might fail or timeout Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption. See details > | OS Build 17763.805 October 08, 2019 KB4519338 | Mitigated External | November 05, 2019 03:36 PM PT |
| Devices with some Asian language packs installed may receive an error Devices with Asian language packs installed may receive the error, \"0x800f0982 - PSFX_E_MATCHING_COMPONENT_NOT_FOUND.\" See details > | OS Build 17763.437 April 09, 2019 KB4493509 | Mitigated | May 03, 2019 10:59 AM PT |
| Details | Originating update | Status | History |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| Summary | Originating update | Status | Last updated |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| Issues with some older versions of Avast and AVG anti-virus products Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus. See details > | N/A | Mitigated External | November 25, 2019 05:25 PM PT |
| TLS connections might fail or timeout Transport Layer Security (TLS) connections might fail or timeout when connecting or attempting a resumption. See details > | OS Build 18362.418 October 08, 2019 KB4517389 | Mitigated External | November 05, 2019 03:36 PM PT |
| Details | Originating update | Status | History |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| Summary | Originating update | Status | Last updated |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2019 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| “Reset this PC” feature might fail “Reset this PC” feature is also called “Push Button Reset” or PBR. See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244 See details > | N/A February 11, 2020 KB4524244 | Mitigated | February 15, 2020 01:22 AM PT |
| Issues with some older versions of Avast and AVG anti-virus products Microsoft and Avast has identified compatibility issues with some versions of Avast and AVG Antivirus. See details > | N/A | Mitigated External | November 25, 2019 05:25 PM PT |
| Details | Originating update | Status | History |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2019 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| “Reset this PC” feature might fail Using the “Reset this PC” feature, also called “Push Button Reset” or PBR, might fail. You might restart into recovery with “Choose an option” at the top of the screen with various options or you might restart to your desktop and receive the error “There was a problem resetting your PC”. Affected platforms:
Workaround: The standalone security update, KB4524244 has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Update (LCU), Monthly Rollup or Security Only update. If you have installed this update and are experiencing this issue, the following steps should allow you to reset your device:
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
| You might encounter issues with KB4524244 You might encounter issues trying to install or after installing KB4524244. Affected platforms:
Workaround: To help a sub-set of affected devices, the standalone security update (KB4524244) has been removed and will not re-offered from Windows Update, Windows Server Update Services (WSUS) or Microsoft Update Catalog. Note This does not affect any other update, including Latest Cumulative Updates (LCUs), Monthly Rollups or Security Only updates. If this update is installed and you are experiencing issues, you can uninstall this update.
Next steps: We are working on an improved version of this update in coordination with our partners and will release it in a future update. Back to top | N/A February 11, 2020 KB4524244 | Mitigated | Last updated: February 15, 2020 01:22 AM PT Opened: February 15, 2020 12:02 AM PT |
**NOTE:**
Microsoft Defender ATP customers need to apply for the Microsoft Threat Experts managed threat hunting service to get proactive Targeted Attack Notifications and to collaborate with experts on demand. Experts on Demand is an add-on service. Targeted Attack Notifications are always included after you have been accepted into Microsoft Threat Experts managed threat hunting service.
If you are not enrolled yet and would like to experience its benefits, go to **Settings** > **General** > **Advanced features** > **Microsoft Threat Experts** to apply. Once accepted, you will get the benefits of Targeted Attack Notifications, and start a 90-day trial of Experts on Demand. Contact your Microsoft representative to get a full Experts on Demand subscription. [Advanced hunting](advanced-hunting-overview.md) | Use a powerful query-based threat-hunting tool to proactively find breach activity and create custom detection rules. [Management and APIs](management-apis.md) | Microsoft Defender ATP supports a wide variety of tools to help you manage and interact with the platform so that you can integrate the service into your existing workflows. diff --git a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md index 480df72feb..ceb8637a40 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md +++ b/windows/security/threat-protection/microsoft-defender-atp/portal-overview.md @@ -122,5 +122,5 @@ Icon | Description ## Related topics - [Understand the Microsoft Defender Advanced Threat Protection portal](use.md) - [View the Security operations dashboard](security-operations-dashboard.md) -- [View the Secure Score dashboard and improve your secure score](secure-score-dashboard.md) +- [View the Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md) - [View the Threat analytics dashboard and take recommended mitigation actions](threat-analytics.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/product-brief.md b/windows/security/threat-protection/microsoft-defender-atp/product-brief.md index 2a83d109de..e69a6bc890 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/product-brief.md +++ b/windows/security/threat-protection/microsoft-defender-atp/product-brief.md @@ -36,33 +36,33 @@ Capability | Description **Threat and Vulnerability Management** | This built-in capability uses a game-changing risk-based approach to the discovery, prioritization, and remediation of endpoint vulnerabilities and misconfigurations. **Attack Surface Reduction** | The attack surface reduction set of capabilities provide the first line of defense in the stack. By ensuring configuration settings are properly set and exploit mitigation techniques are applied, these set of capabilities resist attacks and exploitations. **Next Generation Protection** | To further reinforce the security perimeter of the organizations network, Microsoft Defender ATP uses next generation protection designed to catch all types of emerging threats. -**Endpoint Detection & Response** | Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars. -**Auto Investigation & Remediation** | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale. +**Endpoint Detection & Response** | Endpoint detection and response capabilities are put in place to detect, investigate, and respond to advanced threats that may have made it past the first two security pillars. +**Auto Investigation & Remediation** | In conjunction with being able to quickly respond to advanced attacks, Microsoft Defender ATP offers automatic investigation and remediation capabilities that help reduce the volume of alerts in minutes at scale. **Microsoft Threat Experts** | Microsoft Defender ATP's new managed threat hunting service provides proactive hunting, prioritization, and additional context and insights that further empower Security operation centers (SOCs) to identify and respond to threats quickly and accurately. -**Secure Score** | Microsoft Defender ATP includes a secure score to help dynamically assess the security state of the enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of the organization. +**Configuration Score** | Microsoft Defender ATP includes configuration score to help dynamically assess the security state of the enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of the organization. **Advance Hunting** | Create custom threat intelligence and use a powerful search and query tool to hunt for possible threats in the organization. **Management and API** | Integrate Microsoft Defender Advanced Threat Protection into existing workflows. **Microsoft Threat Protection** | Microsoft Defender ATP is part of the Microsoft Threat Protection solution that helps implement end-to-end security across possible attack surfaces in the modern workplace. Bring the power of Microsoft threat protection to the organization. | | Microsoft Defender ATP uses the following combination of technology built into Windows 10 and Microsoft's robust cloud service: -- **Endpoint behavioral sensors**: Embedded in Windows 10, these sensors +- **Endpoint behavioral sensors**: Embedded in Windows 10, these sensors collect and process behavioral signals from the operating system and sends this sensor data to your private, isolated, cloud instance of Microsoft Defender ATP. - -- **Cloud security analytics**: Leveraging big-data, machine-learning, and +- **Cloud security analytics**: Leveraging big-data, machine-learning, and unique Microsoft optics across the Windows ecosystem, enterprise cloud products (such as Office 365), and online assets, behavioral signals are translated into insights, detections, and recommended responses to advanced threats. -- **Threat intelligence**: Generated by Microsoft hunters, security teams, +- **Threat intelligence**: Generated by Microsoft hunters, security teams, and augmented by threat intelligence provided by partners, threat intelligence enables Microsoft Defender ATP to identify attacker tools, techniques, and procedures, and generate alerts when these are observed in collected sensor data. ## Licensing requirements + Microsoft Defender Advanced Threat Protection requires one of the following Microsoft Volume Licensing offers: - Windows 10 Enterprise E5 @@ -71,4 +71,5 @@ Microsoft Defender Advanced Threat Protection requires one of the following Micr - Microsoft 365 A5 (M365 A5) ## Related topic + - [Prepare deployment](prepare-deployment.md) \ No newline at end of file diff --git a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md deleted file mode 100644 index 1ac2ee7415..0000000000 --- a/windows/security/threat-protection/microsoft-defender-atp/secure-score-dashboard.md +++ /dev/null @@ -1,315 +0,0 @@ ---- -title: Configure the security controls in Secure score -description: Configure the security controls in Secure score -keywords: secure score, dashboard, security recommendations, security control state, security score, score improvement, microsoft secure score, security controls, security control, improvement opportunities, edr, antivirus, av, os security updates -search.product: eADQiWindows 10XVcnh -search.appverid: met150 -ms.prod: w10 -ms.mktglfcycl: deploy -ms.sitesec: library -ms.pagetype: security -ms.author: dolmont -author: DulceMontemayor -ms.localizationpriority: medium -manager: dansimp -audience: ITPro -ms.collection: M365-security-compliance -ms.topic: conceptual ---- - -# Configure the security controls in Secure score - -**Applies to:** - -* [Microsoft Defender Advanced Threat Protection (Microsoft Defender ATP)](https://go.microsoft.com/fwlink/p/?linkid=2069559) - -> [!NOTE] -> Secure score is now part of [Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) as [Configuration score](configuration-score.md). The secure score page will be available for a few weeks. View the [Secure score](https://docs.microsoft.com/windows/security/threat-protection/microsoft-defender-atp/overview-secure-score) page. - -Each security control lists recommendations that you can take to increase the security posture of your organization. - -### Endpoint detection and response (EDR) optimization - -A well-configured machine complies to the minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for your Endpoint detection and response tool. - -> [!IMPORTANT] -> This feature is available for machines on Windows 10, version 1607 or later. - -#### Minimum baseline configuration setting for EDR - -* Microsoft Defender ATP sensor is on -* Data collection is working correctly -* Communication to Microsoft Defender ATP service is not impaired - -##### Recommended actions - -You can take the following actions to increase the overall security score of your organization: - -* Turn on sensor -* Fix sensor data collection -* Fix impaired communications - -For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). - -### Windows Defender Antivirus (Windows Defender AV) optimization -A well-configured machine complies to the minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Windows Defender AV. - -> [!IMPORTANT] -> This feature is available for machines on Windows 10, version 1607 or later. - -#### Minimum baseline configuration setting for Windows Defender AV: -A well-configured machine for Windows Defender AV meets the following requirements: - -- Windows Defender AV is reporting correctly -- Windows Defender AV is turned on -- Security intelligence is up-to-date -- Real-time protection is on -- Potentially Unwanted Application (PUA) protection is enabled - -You can take the following actions to increase the overall security score of your organization: - ->[!NOTE] -> For the Windows Defender Antivirus properties to show, you'll need to ensure that the Windows Defender Antivirus Cloud-based protection is properly configured on the machine. - -- Fix antivirus reporting - - This recommendation is displayed when the Windows Defender Antivirus is not properly configured to report its health state. For more information on fixing the reporting, see [Configure and validate network connections](../windows-defender-antivirus/configure-network-connections-windows-defender-antivirus.md). -- Turn on antivirus -- Update antivirus Security intelligence -- Turn on real-time protection -- Turn on PUA protection - -For more information, see [Configure Windows Defender Antivirus](../windows-defender-antivirus/configure-windows-defender-antivirus-features.md). - -### OS security updates optimization - -This tile shows you the number of machines that require the latest security updates. It also shows machines that are running on the latest Windows Insider preview build and serves as a reminder to ensure that users should run the latest builds. - -> [!IMPORTANT] -> This feature is available for machines on Windows 10, version 1607 or later. - -You can take the following actions to increase the overall security score of your organization: - -* Install the latest security updates -* Fix sensor data collection - * The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. It's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). - -For more information, see [Windows Update Troubleshooter](https://support.microsoft.com/help/4027322/windows-windows-update-troubleshooter). - -### Windows Defender Exploit Guard (Windows Defender EG) optimization - - -A well-configured machine complies to the minimum baseline configuration setting. This tile shows you a list of actions to apply on machines to meet the minimum baseline configuration setting for Microsoft Defender EG. When endpoints are configured according to the baseline the Microsoft Defender EG events shows on the Microsoft Defender ATP Machine timeline. - -> [!IMPORTANT] -> This security control is only applicable for machines with Windows 10, version 1709 or later. - -#### Minimum baseline configuration setting for Windows Defender EG - -Machines are considered "well configured" for Microsoft Defender EG if the following requirements are met: - -* System level protection settings are configured correctly -* Attack Surface Reduction rules are configured correctly -* Controlled Folder Access setting is configured correctly - -##### System level protection - -The following system level configuration settings must be set to **On or Force On**: - -1. Control Flow Guard -2. Data Execution Prevention (DEP) -3. Randomize memory allocations (Bottom-up ASLR) -4. Validate exception chains (SEHOP) -5. Validate heap integrity - -> [!NOTE] -> The setting **Force randomization for images (Mandatory ASLR)** is currently excluded from the baseline. -> Consider configuring **Force randomization for images (Mandatory ASLR)** to **On or Force On** for better protection. - -##### Attack Surface Reduction (ASR) rules - -The following ASR rules must be configured to **Block mode**: - -Rule description | GUIDs --|- -Block executable content from email client and webmail | BE9BA2D9-53EA-4CDC-84E5-9B1EEEE46550 -Block Office applications from creating child processes | D4F940AB-401B-4EFC-AADC-AD5F3C50688A -Block Office applications from creating executable content | 3B576869-A4EC-4529-8536-B80A7769E899 -Impede JavaScript and VBScript to launch executables | D3E037E1-3EB8-44C8-A917-57927947596D -Block execution of potentially obfuscated scripts | 5BEB7EFE-FD9A-4556-801D-275E5FFC04CC -Block Win32 imports from Macro code in Office | 92E97FA1-2EDF-4476-BDD6-9DD0B4DDDC7B - -> [!NOTE] -> The setting **Block Office applications from injecting into other processes** with GUID 75668C1F-73B5-4CF0-BB93-3ECF5CB7CC84 is excluded from the baseline. -> Consider enabling this rule in **Audit** or **Block mode** for better protection. - -##### Controlled Folder Access - -The Controlled Folder Access setting must be configured to **Audit mode** or **Enabled**. - -> [!NOTE] -> Audit mode, allows you to see audit events in the Microsoft Defender ATP Machine timeline however it does not block suspicious applications. -> Consider enabling Controlled Folder Access for better protection. - -##### Recommended actions - -You can take the following actions to increase the overall security score of your organization: - -- Turn on all system-level Exploit Protection settings -- Set all ASR rules to enabled or audit mode -- Turn on Controlled Folder Access -- Turn on Windows Defender Antivirus on compatible machines - -### Windows Defender Application Guard (Windows Defender AG) optimization -A well-configured machine complies to the minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Windows Defender AG. When endpoints are configured according to the baseline, Windows Defender AG events shows on the Microsoft Defender ATP Machine timeline. - -A well-configured machine complies to a minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Microsoft Defender AG. When endpoints are configured according to the baseline, Microsoft Defender AG events shows on the Microsoft Defender ATP Machine timeline. - -> [!IMPORTANT] -> This security control is only applicable for machines with Windows 10, version 1709 or later. - -#### Minimum baseline configuration setting for Windows Defender AG: -A well-configured machine for Windows Defender AG meets the following requirements: - -- Hardware and software prerequisites are met -- Windows Defender AG is turned on compatible machines -- Managed mode is turned on - -You can take the following actions to increase the overall security score of your organization: - -* Ensure hardware and software prerequisites are met - - > [!NOTE] - > This improvement item does not contribute to the security score in itself because it's not a prerequisite for Microsoft Defender AG. It gives an indication of a potential reason why Microsoft Defender AG is not turned on. - -* Turn on Microsoft Defender AG on compatible machines -* Turn on managed mode - -For more information, see [Microsoft Defender Application Guard overview](../windows-defender-application-guard/wd-app-guard-overview.md). - -### Windows Defender SmartScreen optimization - -A well-configured machine complies to a minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Microsoft Defender SmartScreen. - -> [!WARNING] -> Data collected by Microsoft Defender SmartScreen might be stored and processed outside of the storage location you have selected for your Microsoft Defender ATP data. - -> [!IMPORTANT] -> This security control is only applicable for machines with Windows 10, version 1709 or later. - -#### Minimum baseline configuration setting for Windows Defender SmartScreen: - -The following settings must be configured with the following settings: - -* Check apps and files: **Warn** or **Block** -* Microsoft Defender SmartScreen for Microsoft Edge: **Warn** or **Block** -* Microsoft Defender SmartScreen for Microsoft store apps: **Warn** or **Off** - -You can take the following actions to increase the overall security score of your organization: - -- Set **Check app and files** to **Warn** or **Block** -- Set **Windows Defender SmartScreen for Microsoft Edge** to **Warn** or **Block** -- Set **Windows Defender SmartScreen for Microsoft store apps** to **Warn** or **Off** - -For more information, see [Windows Defender SmartScreen](../windows-defender-smartscreen/windows-defender-smartscreen-overview.md). - -* Set **Check app and files** to **Warn** or **Block** -* Set **Windows Defender SmartScreen for Microsoft Edge** to **Warn** or **Block** -* Set **Windows Defender SmartScreen for Microsoft store apps** to **Warn** or **Off** - -For more information, see [Windows Defender SmartScreen](../windows-defender-smartscreen/windows-defender-smartscreen-overview.md). - -### Windows Defender Firewall optimization - -A well-configured machine must have Microsoft Defender Firewall turned on and enabled for all profiles so that inbound connections are blocked by default. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Microsoft Defender Firewall. - -> [!IMPORTANT] -> This security control is only applicable for machines with Windows 10, version 1709 or later. - -#### Minimum baseline configuration setting for Windows Defender Firewall - -* Microsoft Defender Firewall is turned on for all network connections -* Secure domain profile by enabling Microsoft Defender Firewall and ensure that Inbound connections are set to Blocked -* Secure private profile by enabling Microsoft Defender Firewall and ensure that Inbound connections are set to Blocked -* Secure public profile is configured by enabling Microsoft Defender Firewall and ensure that Inbound connections are set to Blocked - -For more information on Windows Defender Firewall settings, see [Planning settings for a basic firewall policy](https://docs.microsoft.com/windows/security/identity-protection/windows-firewall/planning-settings-for-a-basic-firewall-policy). - -> [!NOTE] -> If Windows Defender Firewall is not your primary firewall, consider excluding it from the security score calculations and make sure that your third-party firewall is configured in a securely. - -##### Recommended actions - -You can take the following actions to increase the overall security score of your organization: - -* Turn on firewall -* Secure domain profile -* Secure private profile -* Secure public profile -* Verify secure configuration of third-party firewall -* Fix sensor data collection - * The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. It's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). - -For more information, see [Windows Defender Firewall with Advanced Security](https://docs.microsoft.com/windows/security/identity-protection/windows-firewall/windows-firewall-with-advanced-security). - -### BitLocker optimization - -A well-configured machine complies to the minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for BitLocker. - -> [!IMPORTANT] -> This security control is only applicable for machines with Windows 10, version 1803 or later. - -#### Minimum baseline configuration setting for BitLocker - -* Ensure all supported drives are encrypted -* Ensure that all suspended protection on drives resume protection -* Ensure that drives are compatible - -##### Recommended actions - -You can take the following actions to increase the overall security score of your organization: - -* Encrypt all supported drives -* Resume protection on all drives -* Ensure drive compatibility -* Fix sensor data collection - * The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. It's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). - -For more information, see [Bitlocker](https://docs.microsoft.com/windows/security/information-protection/bitlocker/bitlocker-overview). - -### Windows Defender Credential Guard optimization -A well-configured machine complies to the minimum baseline configuration setting. This tile shows you a list of actions to apply on endpoints to meet the minimum baseline configuration setting for Windows Defender Credential Guard. - -> [!IMPORTANT] -> This security control is only applicable for machines with Windows 10, version 1709 or later. - -#### Minimum baseline configuration setting for Windows Defender Credential Guard: -Well-configured machines for Windows Defender Credential Guard meets the following requirements: - -- Hardware and software prerequisites are met -- Windows Defender Credential Guard is turned on compatible machines - -##### Recommended actions - -You can take the following actions to increase the overall security score of your organization: - -* Ensure hardware and software prerequisites are met -* Turn on Credential Guard -* Fix sensor data collection - * The Microsoft Defender ATP service relies on sensor data collection to determine the security state of a machine. The service will not be able to determine the security state of machines that are not reporting sensor data properly. It's important to ensure that sensor data collection is working properly. For more information, see [Fix unhealthy sensors](fix-unhealthy-sensors.md). - -For more information, see [Manage Windows Defender Credential Guard](https://docs.microsoft.com/windows/security/identity-protection/credential-guard/credential-guard-manage). - ->Want to experience Microsoft Defender ATP? [Sign up for a free trial.](https://www.microsoft.com/en-us/WindowsForBusiness/windows-atp?ocid=docs-wdatp-sadashboard-belowfoldlink) - -## Related topics - -* [Overview of Secure score](overview-secure-score.md) -* [Risk-based Threat & Vulnerability Management](next-gen-threat-and-vuln-mgt.md) -* [Threat & Vulnerability Management dashboard overview](tvm-dashboard-insights.md) -* [Exposure score](tvm-exposure-score.md) -* [Configuration score](configuration-score.md) -* [Security recommendations](tvm-security-recommendation.md) -* [Remediation](tvm-remediation.md) -* [Software inventory](tvm-software-inventory.md) -* [Weaknesses](tvm-weaknesses.md) -* [Scenarios](threat-and-vuln-mgt-scenarios.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md b/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md index ea54e6d0ea..00820b5fe4 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md +++ b/windows/security/threat-protection/microsoft-defender-atp/security-operations-dashboard.md @@ -121,5 +121,5 @@ Click the user account to see details about the user account. For more informati ## Related topics - [Understand the Microsoft Defender Advanced Threat Protection portal](use.md) - [Portal overview](portal-overview.md) -- [View the Secure Score dashboard and improve your secure score](secure-score-dashboard.md) +- [View the Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md) - [View the Threat analytics dashboard and take recommended mitigation actions](threat-analytics.md) diff --git a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md index 7df11c3d9e..9f6f5b45c6 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md +++ b/windows/security/threat-protection/microsoft-defender-atp/threat-and-vuln-mgt-scenarios.md @@ -85,8 +85,9 @@ To lower down your threat and vulnerability exposure: 6. Review the machine **Security recommendation** tab again. The recommendation you've chosen to remediate is removed from the security recommendation list, and the exposure score decreases. ## Improve your security configuration + >[!NOTE] -> Secure score is now part of Threat & Vulnerability Management as [configuration score](configuration-score.md). The secure score page is available for a few weeks. View the [secure score](https://securitycenter.windows.com/securescore) page. +> Secure score is now part of Threat & Vulnerability Management as [configuration score](configuration-score.md). You can improve your security configuration when you remediate issues from the security recommendations list. As you do so, your configuration score improves, which means your organization becomes more resilient against cybersecurity threats and vulnerabilities. diff --git a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md index ffd3002549..a0465dd642 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md +++ b/windows/security/threat-protection/microsoft-defender-atp/tvm-remediation.md @@ -66,10 +66,10 @@ When you submit a remediation request from Threat & Vulnerability Management, it It creates a security task which will be tracked in Threat & Vulnerability Management **Remediation** page, and it also creates a remediation ticket in Microsoft Intune. -The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task. +The dashboard will show that status of your top remediation activities. Click any of the entries and it will take you to the **Remediation** page. You can mark the remediation activity as completed after the IT administration team remediates the task. ## When to file for exception instead of remediating issues -You can file exceptions to exclude certain recommendation from showing up in reports and affecting risk scores or secure scores. +You can file exceptions to exclude certain recommendation from showing up in reports and affecting your configuration score. When you select a security recommendation, it opens up a flyout screen with details and options for your next step. You can either **Open software page**, choose from **Remediation options**, go through **Exception options** to file for exceptions, or **Report inaccuracy**. @@ -113,10 +113,10 @@ Clicking the link opens up to the **Security recommendations** page, where you c - **In effect** - The exception that you've filed is in progress ### Exception impact on scores -Creating an exception can potentially affect the Exposure Score (for both types of weaknesses) and Secure Score (for configurations) of your organization in the following manner: +Creating an exception can potentially affect the Exposure Score (for both types of weaknesses) and Configuration Score (for configurations) of your organization in the following manner: - **No impact** - Removes the recommendation from the lists (which can be reverse through filters), but will not affect the scores - **Mitigation-like impact** - As if the recommendation was mitigated (and scores will be adjusted accordingly) when you select it as a compensating control. -- **Hybrid** - Provides visibility on both No impact and Mitigation-like impact. It shows both the Exposure Score and Secure Score results out of the exception option that you made +- **Hybrid** - Provides visibility on both No impact and Mitigation-like impact. It shows both the Exposure Score and Configuration Score results out of the exception option that you made The exception impact shows on both the Security recommendations page column and in the flyout pane. diff --git a/windows/security/threat-protection/microsoft-defender-atp/use.md b/windows/security/threat-protection/microsoft-defender-atp/use.md index dbf6830312..1b86e94b66 100644 --- a/windows/security/threat-protection/microsoft-defender-atp/use.md +++ b/windows/security/threat-protection/microsoft-defender-atp/use.md @@ -29,7 +29,7 @@ Microsoft Defender Security Center is the portal where you can access Microsoft Use the **Security operations** dashboard to gain insight on the various alerts on machines and users in your network. -Use the **Secure Score** dashboard to expand your visibility on the overall security posture of your organization. You'll see machines that require attention and recommendations that can help you reduce the attack surface in your organization. +Use the **Threat & Vulnerability Management** dashboard to expand your visibility on the overall security posture of your organization. You'll see machines that require attention and recommendations that can help you reduce the attack surface in your organization. Use the **Threat analytics** dashboard to continually assess and control risk exposure to Spectre and Meltdown. @@ -39,5 +39,5 @@ Topic | Description :---|:--- [Portal overview](portal-overview.md) | Understand the portal layout and area descriptions. [View the Security operations dashboard](security-operations-dashboard.md) | The Microsoft Defender ATP **Security operations dashboard** provides a snapshot of your network. You can view aggregates of alerts, the overall status of the service of the machines on your network, investigate machines, files, and URLs, and see snapshots of threats seen on machines. -[View the Secure Score dashboard and improve your secure score](secure-score-dashboard.md) | The **Secure Score dashboard** expands your visibility into the overall security posture of your organization. From this dashboard, you'll be able to quickly assess the security posture of your organization, see machines that require attention, as well as recommendations for actions to further reduce the attack surface in your organization - all in one place. +[View the Threat & Vulnerability Management dashboard](tvm-dashboard-insights.md) | The **Threat & Vulnerability Management dashboard** lets you view exposure and configuration scores side-by-side with top security recommendations, software vulnerability, remediation activities, and exposed machines. [View the Threat analytics dashboard and take recommended mitigation actions](threat-analytics.md) | The **Threat analytics** dashboard helps you continually assess and control risk exposure to threats. Use the charts to quickly identify machines for the presence or absence of mitigations. \ No newline at end of file diff --git a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md index 57b00a8aa0..9ba7a43bf9 100644 --- a/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md +++ b/windows/security/threat-protection/windows-defender-antivirus/why-use-microsoft-antivirus.md @@ -34,7 +34,7 @@ Although you can use a non-Microsoft antivirus solution with Microsoft Defender | |Advantage |Why it matters | |--|--|--| |1|Antivirus signal sharing |Microsoft applications and services share signals across your enterprise organization, providing a stronger single platform. See [Insights from the MITRE ATT&CK-based evaluation of Windows Defender ATP](https://www.microsoft.com/security/blog/2018/12/03/insights-from-the-mitre-attack-based-evaluation-of-windows-defender-atp/). | -|2|Threat analytics and your secure score |Windows Defender Antivirus collects underlying system data used by [threat analytics](../microsoft-defender-atp/threat-analytics.md) and [secure score](../microsoft-defender-atp/overview-secure-score.md). This provides your organization's security team with more meaningful information, such as recommendations and opportunities to improve your organization's security posture. | +|2|Threat analytics and your configuration score |Windows Defender Antivirus collects underlying system data used by [threat analytics](../microsoft-defender-atp/threat-analytics.md) and [configuration score](../microsoft-defender-atp/configuration-score.md). This provides your organization's security team with more meaningful information, such as recommendations and opportunities to improve your organization's security posture. | |3|Performance |Microsoft Defender ATP is designed to work with Windows Defender Antivirus, so you get better performance when you use these offerings together. [Evaluate Windows Defender Antivirus](evaluate-windows-defender-antivirus.md) and [Microsoft Defender ATP](../microsoft-defender-atp/evaluate-atp.md).| |4|Details about blocked malware |More details and actions for blocked malware are available with Windows Defender Antivirus and Microsoft Defender ATP. [Understand malware & other threats](../intelligence/understanding-malware.md).| |5|Network protection |Your organization's security team can protect your network by blocking specific URLs and IP addresses. [Protect your network](../microsoft-defender-atp/network-protection.md).|