Merge pull request #1967 from MicrosoftDocs/main

Published main to live, Wednesday 5:00 PM IST, 11/20

Author: padmagit77

defender-vulnerability-management/defender-vulnerability-management-faq.md

@@ -130,7 +130,7 @@ The [Windows authenticated scan](windows-authenticated-scan.md) deprecation proc
 
 ### Why is this product being deprecated?
 
-The deprecation is to streamline offerings and focus on features that provide greater value to customers. This change allows our teams to allocate resources to innovations that better meet customer needs. We understand transitions can be challenging, and we're here to support you throughout the process. Let us know if you have any questions or need assistance.
+We're deprecating Windows authenticated scan to allow our teams to allocate resources to other product innovations. We understand transitions can be challenging, and we're here to support you throughout the process. Let us know if you have any questions or need assistance with this change.
 
 ### When will the product be officially deprecated?
 

defender-vulnerability-management/tvm-security-baselines.md

@@ -12,7 +12,7 @@ ms.collection:
   - Tier1
 ms.topic: conceptual
 search.appverid: met150
-ms.date: 03/01/2023
+ms.date: 11/19/2024
 ---
 
 # Security baselines assessment
@@ -153,6 +153,108 @@ You can run advanced hunting queries on the following tables to gain visibility
 - **DeviceBaselineComplianceAssessment**: device compliance related information.
 - **DeviceBaselineComplianceAssessmentKB**: general settings for CIS and STIG benchmarks (not related to any device).
 
+## Known issues with data collection
+
+We are aware of known issues affecting data collection in certain versions of the CIS, STIG, and Microsoft benchmarks. The issues might cause inaccurate or incomplete results when running tests in these versions. These issues are being actively worked on and will be resolved in future updates.
+
+We recommend to exclude the affected tests from the benchmark profile while running the assessment to avoid the impact of these issues.
+
+If your benchmark version is not listed below and you're experiencing issues, please contact [Microsoft Support](https://support.microsoft.com) to help us investigate further and assist you with a resolution.
+
+The following CIS, Microsoft, and STIG benchmarks are affected:
+
+- **CIS**
+  - CIS 17.1.1 
+  - CIS 17.2.1 
+  - CIS 17.3.1 to 17.3.2
+  - CIS 17.5.1 to 17.5.6
+  - CIS 17.6.1 to 17.6.4 
+  - CIS 17.7.1 to 17.7.5
+  - CIS 17.8.1
+  - CIS 17.9.1 to 17.9.5
+
+- **CIS Checks Additions**
+  - CIS 2.3.7.3 to 2.3.7.5
+  - CIS 2.3.10.1
+  - CIS 1.1.5
+
+- **Microsoft Checks**
+  - Microsoft 2.1
+  - Microsoft 2.10
+  - Microsoft 2.12 to 2.30
+  - Microsoft 2.33 to 2.37
+  - Microsoft 2.40 to 2.50
+  - Microsoft 3.55
+  - Microsoft 3.57
+  - Microsoft 3.60
+  - Microsoft 3.72
+
+- **Microsoft Certificate Store Checks for Windows and Windows Server**
+  - MCS 1.1 for Windows 10 1909 (Temporary) 1.1.5
+  - MCS 2.0 for Windows 10 1909 (Temporary) 1.1.5
+  - MCS 1.1 for Windows 10 20H2 (Temporary) 1.1.5
+  - MCS 2.0 for Windows 10 20H2 (Temporary) 1.1.5
+  - MCS 2.0 for Windows 10 v21H2 1.1.5
+  - MCS 2.0 for Windows 10 v22H2 1.1.5
+  - MCS 2.0 for Windows 11 1.1.5
+  - MCS 2.0 for Windows 11 23H2 1.1.5
+  - MCS 2.0 for Windows Server 2022 1.1.5
+  - MCS 2.0 for Windows Server 2022 Domain Controller 1.1.5
+  - MCS 2.0 for Windows Server 2019 1.1.5
+  - MCS 2.0 for Windows Server 2019 Domain Controller 1.1.5
+  - MCS 2.0 for Windows Server 2016 1.1.5
+  - MCS 2.0 for Windows Server 2016 Domain Controller 1.1.5
+  - MCS 2.0 for Windows Server 2012_R2 1.1.5
+  - MCS 1.1 for Windows Server 2008_R2 (Temporary) 1.1.5
+  - MCS 2.0 for Windows Server 2022 Domain Controller 2.3.10.1
+  - MCS 2.0 for Windows Server 2019 Domain Controller 2.3.10.1
+  - MCS 2.0 for Windows Server 2016 Domain Controller 2.3.10.1
+
+- **STIG List**
+  - STIG SV-205678r569188
+  - STIG SV-220746r569187
+  - STIG SV-220754r569187
+  - STIG SV-220757r569187
+  - STIG SV-220760r569187
+  - STIG SV-220767r569187
+  - STIG SV-220768r569187
+  - STIG SV-220768r851975
+  - STIG SV-220775r569187
+  - STIG SV-220775r851978
+  - STIG SV-220786r569187
+  - STIG SV-220769r569187
+  - STIG SV-225273r569185
+  - STIG SV-225281r569185
+  - STIG SV-225284r569185
+  - STIG SV-225287r569185
+  - STIG SV-225292r569185
+  - STIG SV-225294r569185
+  - STIG SV-225294r852189
+  - STIG SV-225295r569185
+  - STIG SV-225302r569185
+  - STIG SV-225302r852194
+  - STIG SV-226092r569184
+  - STIG SV-226092r794343
+  - STIG SV-226099r569184
+  - STIG SV-226099r794279
+  - STIG SV-226102r569184
+  - STIG SV-226102r794335
+  - STIG SV-226107r569184
+  - STIG SV-226107r794336
+  - STIG SV-226110r569184
+  - STIG SV-226110r794366
+  - STIG SV-226117r569184
+  - STIG SV-226117r794356
+  - STIG SV-226117r852079
+  - STIG SV-226109r569184
+  - STIG SV-226109r794353
+  - STIG SV-226109r852074
+  - STIG SV-226063r569184
+  - STIG SV-226063r794292
+  - STIG SV-254271r848629
+  - STIG SV-224873r569186
+
+
 ## Related articles
 
 - [Vulnerabilities in my organization](tvm-weaknesses.md)

defender-vulnerability-management/whats-new-in-microsoft-defender-vulnerability-management.md

@@ -11,7 +11,7 @@ audience: ITPro
 ms.collection:
   - m365-security
 ms.topic: conceptual
-ms.date: 11/07/2024
+ms.date: 11/19/2024
 ---
 
 # What's new in Microsoft Defender Vulnerability Management
@@ -23,6 +23,7 @@ This article provides information about new features and important product updat
 
 ## November 2024
 
+- We are aware of issues affecting data collection in several versions of CIS, STIG, and Microsoft benchmarks. We are actively working on a fix and will provide an update when the issue is resolved. For more information, see [Known issues with data collection](tvm-security-baselines.md#known-issues-with-data-collection).
 - The deprecation process of the Windows authenticated scan will begin on November 2024 and concludes on November 30, 2025. For more information, see [Windows authenticated scan deprecation FAQs](defender-vulnerability-management-faq.md#windows-authenticated-scan-deprecation-faqs).
 
 ## July 2024