Merge pull request #4667 from DeCohen/WI476131-add-zure-stack-hcioc-version-and-later

Windows Server 2025, Azure Stack HCI OC version 23H2 and later.

Author: paulinbar

defender-endpoint/aggregated-reporting.md

@@ -38,8 +38,8 @@ The following requirements must be met before turning on aggregated reporting:
 
 Aggregated reporting supports the following:
 
-- Client version: Windows version 2411 and later
-- Operating systems: Windows 11 22H2, Windows 11 Enterprise, Windows 10 20H2, 21H1, 21H2, Windows Server 2025, Windows Server 2022, Windows Server 2019, or Windows Server version 20H2
+- Client version: Windows version 24H and later
+- Operating systems: Windows 11 (22H2, Enterprise), Windows 10 (20H2, 21H1, 21H2), Windows Server 2019 and later, Windows Server version 20H2 or Azure Stack HCI OS, version 23H2 and later
 
 ## Turn on aggregated reporting
 

defender-endpoint/api/get-live-response-result.md

@@ -70,6 +70,7 @@ Before you can initiate a session on a device, make sure you fulfill the followi
   - **Windows Server 2022**  
 
   - **Windows Server 2025**
+  - **Azure Stack HCI OS, version 23H2 and later**
 
 ## Permissions
 

defender-endpoint/api/initiate-autoir-investigation.md

@@ -45,17 +45,16 @@ See [Overview of automated investigations](../automated-investigations.md) for m
 
 ## Requirements for AIR
 
-Your organization must have Defender for Endpoint (see [Minimum requirements for Microsoft Defender for Endpoint](../minimum-requirements.md).
+Your organization must have Defender for Endpoint see: [Minimum requirements for Microsoft Defender for Endpoint](../minimum-requirements.md).
 
 Currently, AIR only supports the following OS versions:
 
 - Windows 11
 - Windows 10, version [1803](/windows/release-information/status-windows-10-1809-and-windows-server-2019) or later
 - Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/help/4493464/windows-10-update-kb4493464)) or later
 - Windows 10, version 1709 (OS Build 16299.1085 with [KB4493441](https://support.microsoft.com/help/4493441/windows-10-update-kb4493441)) or later
-- Windows Server 2025
-- Windows Server 2022
-- Windows Server 2019
+- Windows Server 2019 and later
+- Azure Stack HCI OS, version 23H2 and later
 
 ## Permissions
 
@@ -103,7 +102,7 @@ If successful, this method returns 201 - Created response code and [Investigatio
 
 ### Request
 
-Here is an example of the request.
+Here's an example of the request.
 
 ```https
 POST https://api.security.microsoft.com/api/machines/1e5bc9d7e413ddd7902c2932e418702b84d0cc07/startInvestigation

defender-endpoint/api/run-live-response.md

@@ -87,6 +87,7 @@ Before you can initiate a session on a device, make sure you fulfill the followi
   - **Windows Server 2022**
 
 - **Windows Server 2025**
+- **Azure Stack HCI OS, version 23H2 and later**
 
   - **macOS** [(requires other configuration profiles)](../microsoft-defender-endpoint-mac.md)
       - 13 (Ventura)

defender-endpoint/attack-surface-reduction.md

@@ -142,6 +142,7 @@ You can set attack surface reduction rules for devices that are running any of t
 - [Windows Server 2019](/windows-server/get-started-19/whats-new-19)
 - [Windows Server 2016](/windows-server/get-started/whats-new-in-windows-server-2016)
 - [Windows Server 2012 R2](/previous-versions/windows/it-pro/windows-server-2012-r2-and-2012/hh801901(v=ws.11))
+- Azure Stack HCI OS, version 23H2 and later
 
   > [!NOTE]
   > Windows Server 2016 and Windows Server 2012 R2 must be onboarded using the instructions in [Onboard Windows Server 2012 R2 and Windows Server 2016 to Microsoft Defender for Endpoint](onboard-server.md) for this feature to work.

defender-endpoint/automated-investigations.md

@@ -91,6 +91,7 @@ Currently, AIR only supports the following OS versions:
 - Windows 10, version 1803 (OS Build 17134.704 with [KB4493464](https://support.microsoft.com/help/4493464/windows-10-update-kb4493464)) or later
 - Windows 10, version [1803](/windows/release-information/status-windows-10-1809-and-windows-server-2019) or later
 - Windows 11
+- Azure Stack HCI OS, version 23H2 and later
 
 > [!NOTE]
 > Automated investigation and response on Windows Server 2012 R2 and Windows Server 2016 requires the [Unified Agent](onboard-server.md#functionality-in-the-modern-unified-solution-for-windows-server-2016-and-windows-server-2012-r2) to be installed. 

defender-endpoint/configure-device-connectivity.md

@@ -86,6 +86,7 @@ Devices must meet specific prerequisites to use the streamlined connectivity met
 - Windows Server 2012 R2 or Windows Server 2016, fully updated running Defender for Endpoint modern unified solution (installation through MSI).
 - [macOS supported versions](microsoft-defender-endpoint-mac.md) with MDE product version 101.24022.*+
 - [Linux supported versions](microsoft-defender-endpoint-linux.md) with MDE product version 101.24022.*+
+- Azure Stack HCI OS, version 23H2 and later.
 
 > [!IMPORTANT]
 > - **Devices running on MMA agent are not supported** on the streamlined connectivity method and will need to continue using the standard URL set (Windows 7, Windows 8.1, Windows Server 2008 R2 MMA, Server 2012 & 2016 not upgraded to modern unified agent). 

defender-endpoint/configure-endpoints-vdi.md

@@ -28,12 +28,8 @@ ms.subservice: onboard
 - Virtual desktop infrastructure (VDI) devices
 - Windows 11
 - Windows 10
-- Windows Server 2025
-- Windows Server 2022
-- Windows Server 2019
-- Windows Server 2016
-- Windows Server 2012 R2
-- Windows Server 2008
+- Windows Server 2012 R2 and later
+- Azure Stack HCI OS, version 23H2 and later
 
 
 > Want to experience Defender for Endpoint? [Sign up for a free trial.](https://go.microsoft.com/fwlink/p/?linkid=2225630)

defender-endpoint/configure-server-exclusions-microsoft-defender-antivirus.md

@@ -336,7 +336,7 @@ Because Microsoft Defender Antivirus is built into Windows, it doesn't require e
 In Windows Server 2016 and later, the predefined exclusions delivered by [Security intelligence updates](microsoft-defender-antivirus-updates.md#security-intelligence-updates) only exclude the default paths for a role or feature. If you installed a role or feature in a custom path, or you want to manually control the set of exclusions, make sure to opt out of the automatic exclusions delivered in Security intelligence updates. But keep in mind that the exclusions that are delivered automatically are optimized for Windows Server 2016 and later. See [Important points about exclusions](configure-exclusions-microsoft-defender-antivirus.md#important-points-about-exclusions) before defining your exclusion lists.
 
 > [!WARNING]
-> Opting out of automatic exclusions might adversely impact performance, or result in data corruption. Automatic server role exclusions are optimized for Windows Server 2016, Windows Server 2019, Windows Server 2022, and Windows Server 2025. 
+> Opting out of automatic exclusions might adversely impact performance, or result in data corruption. Automatic server role exclusions are optimized for Windows Server 2016 and later and Azure Stack HCI OS, version 23H2 and later.
 
 
 Because predefined exclusions only exclude **default paths**, if you move NTDS and SYSVOL folders to another drive or path that is *different from the original path*, you must add exclusions manually. See [Configure the list of exclusions based on folder name or file extension](configure-extension-file-exclusions-microsoft-defender-antivirus.md#configure-the-list-of-exclusions-based-on-folder-name-or-file-extension).

defender-endpoint/controlled-folders.md

@@ -51,7 +51,7 @@ Controlled folder access is supported on:
 
 - Windows 11
 - Windows 10
-- Windows Server 2025
+- Windows Server 2025Azure Stack HCI OS, version 23H2 and later.
 - Windows Server 2022
 - Windows Server 2019
 - Windows Server 2016