Skip to content

Commit 0678b2d

Browse files
m365-skilling-repo-management[bot]m365-skilling-repo-management[bot]
authored
Merge pull request #4659 from MicrosoftDocs/main
[AutoPublish] main to live - 08/04 20:06 PDT | 08/05 08:36 IST
2 parents 104b734 + 2ce5468 commit 0678b2d

File tree

2 files changed

+7
-0
lines changed

2 files changed

+7
-0
lines changed

defender-endpoint/whats-new-in-microsoft-defender-endpoint.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -46,6 +46,10 @@ For more information on what's new with other Microsoft Defender security produc
4646
- [What's new in Microsoft Defender for Cloud Apps](/cloud-app-security/release-notes)
4747
- [What's new in Microsoft Defender Vulnerability Management](/defender-vulnerability-management/whats-new-in-microsoft-defender-vulnerability-management)
4848

49+
## July 2025
50+
51+
- (GA) [Microsoft Defender Core service](/defender-endpoint/microsoft-defender-core-service-overview) is now generally available on Windows Server 2019 or later. Helps with the stability and performance of Microsoft Defender Antivirus.
52+
4953
## April 2025
5054

5155
- (Preview) **Contain IP addresses of undiscovered devices**: Containing IP addresses associated with devices that are undiscovered or are not onboarded to Defender for Endpoint is now in preview. Containing an IP address prevents attackers from spreading attacks to other non-compromised devices. See [Contain IP addresses of undiscovered devices](respond-machine-alerts.md#contain-ip-addresses-of-undiscovered-devices) for more information.

defender-xdr/m365d-autoir-actions.md

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -69,6 +69,9 @@ If you've determined that a device or a file is not a threat, you can undo remed
6969
|:---|:---|
7070
| - Automated investigation <br/>- Microsoft Defender Antivirus <br/>- Manual response actions | - Isolate device <br/>- Contain device <br/>- Contain user <br/>- Restrict code execution <br/>- Quarantine a file <br/>- Remove a registry key <br/>- Stop a service <br/>- Disable a driver <br/>- Remove a scheduled task |
7171

72+
> [!NOTE]
73+
> Only Security Administrators and Global Administrators are allowed access to undo operations such as File Quarantine.
74+
7275
### Undo one remediation action
7376

7477
1. Go to the Action center ([https://security.microsoft.com/action-center](https://security.microsoft.com/action-center)) and sign in.

0 commit comments

Comments
 (0)