Merge pull request #2446 from MicrosoftDocs/main

main to live publish, 1/14/2025, 10:45 AM

Author: rjagiewich

defender-endpoint/command-line-arguments-microsoft-defender-antivirus.md

@@ -71,6 +71,12 @@ In our example, the MpCmdRun utility starts a full antivirus scan on the device.
 |`-ResetPlatform`| Reset platform binaries back to `%ProgramFiles%\Windows Defender`.|
 |`-RevertPlatform`| Revert platform binaries back to the previously installed version of the Defender platform.|
 
+> [!NOTE]
+> For the "Scan" command, the following are the default timeout values for Quick or Full scans where the scan will stop at that time by default.
+> - Portal initiated scans (Quick or Full) or Windows Security app (Quick or Full): No time limit
+> - Scheduled Full Scans or MpCmdRun -scan: 7 day limit
+> - Scheduled Quick Scans or MpCmdRun -scan: 1 day limit
+
 ## Common errors in running commands via mpcmdrun.exe
 
 The following table lists common errors that can occur while using the MpCmdRun tool.

defender-endpoint/enable-attack-surface-reduction.md

@@ -76,10 +76,10 @@ You can enable attack surface reduction rules by using any of these methods:
 - [Microsoft Intune](#intune)
 - [Mobile Device Management (MDM)](#mdm)
 - [Microsoft Configuration Manager](#microsoft-configuration-manager)
-- [Group Policy](#group-policy)
+- [Group policy (GP)](#group-policy)
 - [PowerShell](#powershell)
 
-Enterprise-level management such as Intune or Microsoft Configuration Manager is recommended. Enterprise-level management overwrites any conflicting Group Policy or PowerShell settings on startup.
+Enterprise-level management such as Intune or Microsoft Configuration Manager is recommended. Enterprise-level management overwrites any conflicting group policy or PowerShell settings on startup.
 
 ## Exclude files and folders from attack surface reduction rules
 
@@ -93,7 +93,8 @@ When adding exclusions, keep these points in mind:
 
 * Exclusions are typically based on individual files or folders (using folder paths or the full path of the file to be excluded).
 * Exclusion paths can use environment variables and wildcards. See [Use wildcards in the file name and folder path or extension exclusion lists](configure-extension-file-exclusions-microsoft-defender-antivirus.md#use-wildcards-in-the-file-name-and-folder-path-or-extension-exclusion-lists)
-* When deployed through Group Policy or PowerShell, exclusions apply to all attack surface reduction rules. Using Intune, it is possible to configure an exclusion for a specific attack surface reduction rule. See [Configure attack surface reduction rules per-rule exclusions](attack-surface-reduction-rules-deployment-test.md#configure-attack-surface-reduction-per-rule-exclusions)
+* When deployed through group policy or PowerShell, exclusions apply to all attack surface reduction rules. Using Intune, it is possible to configure an exclusion for a specific attack surface reduction rule. See [Configure attack surface reduction rules per-rule exclusions](attack-surface-reduction-rules-deployment-test.md#configure-attack-surface-reduction-per-rule-exclusions).
+
 * Exclusions can be added based on certificate and file hashes, by allowing specified Defender for Endpoint file and certificate indicators. See [Overview of indicators](indicators-overview.md).
 
 ## Policy Conflict
@@ -117,7 +118,7 @@ This section provides configuration details for the following configuration meth
 - [Custom profile in Intune](#custom-profile-in-intune)
 - [MDM](#mdm)
 - [Microsoft Configuration Manager](#microsoft-configuration-manager)
-- [Group Policy](#group-policy)
+- [Group policy](#group-policy)
 - [PowerShell](#powershell)
 
 The following procedures for enabling attack surface reduction rules include instructions for how to exclude files and folders.
@@ -267,12 +268,12 @@ Example:
 6. After the policy is created, select **Close**.
 
 > [!WARNING]
-> There is a known issue with the applicability of Attack Surface Reduction on Server OS versions which is marked as compliant without any actual enforcement. Currently, there is no ETA for when this will be fixed.
+> There is a known issue with the applicability of attack surface reduction on Server OS versions which is marked as compliant without any actual enforcement. Currently, there is no defined release date for when this will be fixed.
 
-### Group Policy
+### Group policy
 
 > [!WARNING]
-> If you manage your computers and devices with Intune, Configuration Manager, or other enterprise-level management platform, the management software will overwrite any conflicting Group Policy settings on startup.
+> If you manage your computers and devices with Intune, Configuration Manager, or other enterprise-level management platform, the management software will overwrite any conflicting group policy settings on startup.
 
 1. On your Group Policy management computer, open the [Group Policy Management Console](https://technet.microsoft.com/library/cc731212.aspx), right-click the Group Policy Object you want to configure and select **Edit**.
 

defender-endpoint/microsoft-defender-antivirus-on-windows-server.md

@@ -107,7 +107,7 @@ sc query state= all
 
 To get your regular security intelligence updates, the Windows Update service must be running. If you use an update management service, like Windows Server Update Services (WSUS), make sure Microsoft Defender Antivirus Security intelligence updates are approved for the computers you manage.
 
-By default, Windows Update doesn't download and install updates automatically on Windows Server 2019 or Windows Server 2022, or Windows Server 2016. You can change this configuration by using one of the following methods:
+By default, Windows Update doesn't download and install updates automatically on Windows Server 2016, Windows Server 2019 or Windows Server 2022. You can change this configuration by using one of the following methods:
 
 | Method | Description |
 |---|---|
@@ -155,7 +155,7 @@ To enable automatic sample submission, start a Windows PowerShell console as an
 
 ## Configure automatic exclusions
 
-To help ensure security and performance, certain exclusions are automatically added based on the roles and features you install when using Microsoft Defender Antivirus on Windows Server 2016 or 2019, or Windows Server 2022.
+To help ensure security and performance, certain exclusions are automatically added based on the roles and features you install when using Microsoft Defender Antivirus on Windows Server 2016 or Windows Server 2019, or Windows Server 2022.
 
 See [Configure exclusions in Microsoft Defender Antivirus on Windows Server](configure-server-exclusions-microsoft-defender-antivirus.md).