Merge pull request #954 from MicrosoftDocs/main

American-Dipper · web-flow · commit 5ed0fc51dde3 · 2024-07-15T15:45:51.000-07:00
publish main to live 7/15/24 3:30 PM
diff --git a/defender-endpoint/android-whatsnew.md b/defender-endpoint/android-whatsnew.md
@@ -14,7 +14,7 @@ ms.collection:
 ms.topic: reference
 ms.subservice: android
 search.appverid: met150
-ms.date: 03/04/2024
+ms.date: 07/15/2024
 ---
 
 # What's new in Microsoft Defender for Endpoint on Android
@@ -27,6 +27,12 @@ ms.date: 03/04/2024
 
 Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-exposedapis-abovefoldlink)
 
+## Network protection
+
+Network protection on Microsoft Defender for Endpoint is now available. Network protection provides protection against rogue Wi-Fi related threats, rogue hardware like pineapple devices, and rogue certificates. It notifies the user if a related threat is detected. Users also see a guided experience to connect to secure networks and change networks when they're connected to an unsecure connection.
+
+> [!IMPORTANT]
+> Network protection feature will soon be enabled by default for all users. The update will be rolled out in a phased manner. As a result, users will be able to see a network protection card in the Defender for Endpoint app, along with App Protection and Web Protection. Users are also required to provide location permission to complete the set up. Admins can change the default value for network protection if they decide not to use it via the Intune App Configuration policies. There are also several admin controls to offer flexibility, including privacy controls to configure the data that's sent by Defender for Endpoint from Android devices. For more information, see [network protection](android-configure.md).
 
 ## Device Tagging
 
@@ -36,7 +42,7 @@ This configuration is available for both the enrolled (MDM) devices and unenroll
 
 ## Microsoft Defender for Endpoint on Company-owned personally enabled devices
 
-MDE is now generally available on AE COPE devices. Enterprises can onboard devices on COPE mode and push MDE to user's devices through the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431). With this support, Android Enterprise COPE devices get the full capabilities of our offering on Android, including:
+Defender for Endpoint is now generally available on AE COPE devices. Enterprises can onboard devices on COPE mode and push Defender for Endpoint to user's devices through the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431). With this support, Android Enterprise COPE devices get the full capabilities of our offering on Android, including:
 
 - Phishing and web protection.
 - Malware scanning.
@@ -51,28 +57,26 @@ Microsoft Defender for Endpoint on Android enables Privacy Controls for both the
 
 ## Optional Permissions and Disable Web Protection
 
-Microsoft Defender for Endpoint on Android enables **Optional Permissions** in the onboarding flow. Currently the permissions required by MDE are mandatory in the onboarding flow. With this feature, admin can deploy MDE on devices without enforcing the mandatory **VPN** and **Accessibility** permissions during onboarding. End Users can onboard the app without the mandatory permissions and can later review these permissions. This feature is currently present only for unenrolled devices (MAM). For more information, see [optional permissions](android-configure-mam.md#optional-permissions).
+Microsoft Defender for Endpoint on Android enables **Optional Permissions** in the onboarding flow. Currently the permissions required by Defender for Endpoint are mandatory in the onboarding flow. With this feature, admin can deploy Defender for Endpoint on devices without enforcing the mandatory **VPN** and **Accessibility** permissions during onboarding. End Users can onboard the app without the mandatory permissions and can later review these permissions. This feature is currently present only for unenrolled devices (MAM). For more information, see [optional permissions](android-configure-mam.md#optional-permissions).
 
 ## Microsoft Defender on Android enterprise BYOD personal profile
 
 Microsoft Defender for Endpoint is now supported on Android Enterprise personal profile (BYOD only) with all the key features including malware scanning, protection from phishing links, network protection and vulnerability management. This support is coupled with [privacy controls](android-configure.md#privacy-controls) to ensure user privacy on personal profile. For more information, read the [announcement](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/announcing-the-public-preview-of-defender-for-endpoint-personal/ba-p/3370979) and the [deployment guide](android-intune.md#set-up-microsoft-defender-in-personal-profile-on-android-enterprise-in-byod-mode).
 
-## Network protection
 
-Network Protection on Microsoft Defender for Endpoint is now available. Network protection provides protection against rogue Wi-Fi related threats, rogue hardware like pineapple devices and notifies the user if a related threat is detected. Users also see a guided experience to connect to secure networks and change networks when they're connected to an unsecure connection.
-> [!IMPORTANT]
-> Network protection feature will soon be enabled by default for all users. The update will be rolled out in a phased manner. As a result, users will be able to see Network Protection Card in the Defender for Endpoint iOS app along with App Protection and Web Protection. Users are also required to provide Location permission to complete the set up. Admins can change the default value for the Network Protection feature if they decide not to use it via the Intune App Configuration policies. There are also several admin controls to offer flexibility, including privacy controls to configure the data that's sent by Defender for Endpoint from Android devices. For more information, see [network protection](android-configure.md).
+## Microsoft Defender on Android app updates
 
-
-> [!NOTE]
-> Microsoft Defender is no longer supported for versions 1.0.3011.0302 or earlier. Users are requested to upgrade to latest versions to keep their devices secure.
+Microsoft Defender is no longer supported for versions 1.0.3011.0302 or earlier. Users are requested to upgrade to latest versions to keep their devices secure.
 
 To update, users can use the following steps:
 
-> 1. On your work profile, go to Managed Play Store.
-> 2. Tap on the profile icon on the top right corner and select "Manage apps and device".
-> 3. Locate MDE under updates available and select update.
-> If you encounter any issues, [submit in-app feedback](android-support-signin.md#send-in-app-feedback).
+1. On your work profile, go to Managed Play Store.
+
+2. Tap on the profile icon on the top right corner and select **Manage apps and device**.
+
+3. Locate Defender for Endpoint under updates available and select **Update**.
+
+If you encounter any issues, [submit in-app feedback](android-support-signin.md#send-in-app-feedback).
 
 ## Microsoft Defender for Endpoint is now Microsoft Defender in the Play store
 
@@ -84,19 +88,19 @@ On January 25, 2022, we announced the general availability of Vulnerability mana
 
 ## Upcoming permission changes for Microsoft Defender for Endpoint running Android 11 or later (Nov 2021)
 
-Release Build: 1.0.3501.0301
+Release Build: `1.0.3501.0301`
 Release month: Nov 2021
 Microsoft Defender for Endpoint has released this update required by [Google](https://developer.android.com/distribute/play-policies#APILevel30) to upgrade to Android API 30. This change prompts users seeking access to [new storage permission](https://developer.android.com/training/data-storage/manage-all-files#all-files-access-google-play), for devices running Android 11 or later. Users need to accept this new storage permission once they update Defender app with the release build 1.0.3501.0301 or later. This update ensures that Defender for Endpoint's app security feature to function without any disruption. For more information, review the following sections.
 
 **How will this affect your organization:** These changes take effect if you're using Microsoft Defender for Endpoint on devices running Android 11 or later and updated Defender for Endpoint to release build 1.0.3501.0301 or later.
 
 > [!NOTE]
-> The new storage permissions cannot be configured by admin to 'Auto Approve' through Microsoft Intune. User will need to take action to provide access to this permission.
+> The new storage permissions cannot be configured by admin to auto approve through Microsoft Intune. User will need to take action to provide access to this permission.
 
-- **User experience:** Users receive a notification indicating a missing permission for app security. If the user denies this permission, the 'App security' functionality is turned off on the device. If user doesn't accept or deny permission, they'll continue to receive the prompt when unlocking their device or opening the app, until it has been approved.
+- **User experience:** Users receive a notification indicating a missing permission for app security. If the user denies this permission, app security functionality is turned off on the device. If user doesn't accept or deny permission, they continue to receive the prompt when unlocking their device or opening the app, until it's approved.
 
 > [!NOTE]
-> If your organization is previewing 'Tamper protection' feature and if the new storage permissions are not granted by the user within 7 days of updating to the latest version, the user might lose access to corporate resources.
+> If your organization is previewing the tamper protection feature and if the new storage permissions are not granted by the user within 7 days of updating to the latest version, the user might lose access to corporate resources.
 
 **What you need to do to prepare:**
 
diff --git a/defender-endpoint/ios-privacy.md b/defender-endpoint/ios-privacy.md
@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: ios
 search.appverid: met150
-ms.date: 12/18/2020
+ms.date: 07/15/2024
 ---
 
 # Privacy information - Microsoft Defender for Endpoint on iOS
@@ -48,9 +48,8 @@ Here is a list of the types of data being collected:
 
 ### Device and account information
 
-- Device information such as date & time, iOS version, CPU info, and Device identifier, where Device identifier is one of the following:
-  - Wi-Fi adapter MAC address
-  - Randomly generated globally unique identifier (GUID)
+- Device information such as date and time, iOS version, CPU info, and device identifier (randomly generated globally unique identifier GUID).
+
 - Tenant, Device, and User information
   - Microsoft Entra Device ID and Azure User ID - Uniquely identifies the device, User respectively at Microsoft Entra ID.
   - Azure tenant ID - GUID that identifies your organization within Microsoft Entra ID.
diff --git a/defender-endpoint/microsoft-defender-antivirus-updates.md b/defender-endpoint/microsoft-defender-antivirus-updates.md
@@ -3,7 +3,7 @@ title: Microsoft Defender Antivirus security intelligence and product updates
 description: Manage how Microsoft Defender Antivirus receives protection and product updates.
 ms.service: defender-endpoint
 ms.localizationpriority: high
-ms.date: 07/09/2024
+ms.date: 07/15/2024
 audience: ITPro
 ms.topic: reference
 author: siosulli
@@ -98,11 +98,11 @@ All our updates contain
 - Serviceability improvements
 - Integration improvements (Cloud, [Microsoft Defender XDR](/defender-xdr/microsoft-365-defender))
 
-### June-2024 (Platform: 4.18.24060.xxxx | Engine: 1.1.24060.5)
+### June-2024 (Platform: 4.18.24060.7 | Engine: 1.1.24060.5)
 
 - Security intelligence update version: **1.415.1.0**
-- Release date: **July 9, 2024** (Engine) / **TBD** (Platform)
-- Platform: **4.18.24060.xxxx**
+- Release date: **July 9, 2024** (Engine) / **July 15, 2024** (Platform)
+- Platform: **4.18.24060.7**
 - Engine: **1.1.24060.5**
 - Support phase: **Security and Critical Updates**
 
@@ -116,6 +116,8 @@ All our updates contain
 - Fixed potentially packet loss due to [network protection](network-protection.md) shutdown that could lead to deadlock.
 - Implemented performance improvements for scenarios where WDAC is enabled with Intelligent Security Graph.
 - Fixed an issue where an Outlook exclusion for the ASR rule [Block Office applications from injecting code into other processes](/defender-endpoint/attack-surface-reduction-rules-reference#block-office-applications-from-injecting-code-into-other-processes) was not honored.
+- Fixed a race condition during the startup of [endpoint data loss prevention](/purview/endpoint-dlp-getting-started), such that in certain environments, some system files could be corrupted.
+
 
 ### May-2024 (Engine: 1.1.24050.5 | Platform: 4.18.24050.7)
 
@@ -148,28 +150,6 @@ All our updates contain
 - Improved health monitoring and telemetry for [attack surface rules](overview-attack-surface-reduction.md) exclusions.
 - Updated inaccurate information in [Configure exclusions for files opened by processes](configure-process-opened-file-exclusions-microsoft-defender-antivirus.md) regarding wildcard usage with contextual exclusions.
 
-### March-2024 (Engine: 1.1.24030.4 | Platform: 4.18.24030.9)
-
-- Security intelligence update version: **1.409.1.0**
-- Release date: **April 2, 2024** (Engine) / **April 9, 2024** (Platform)
-- Engine: **1.1.24030.4**
-- Platform: **4.18.24030.9**
-- Support phase: **Security and Critical Updates**
-
-#### What's new
-
-- Added manageability settings to opt out for One Collector telemetry channel and Experimentation and Configuration Service (ECS).
-- Microsoft Defender Core Service will be disabled when 3rd party Antivirus is installed (except when Defender for Endpoint is running in Passive mode).
-- The known issue in [4.18.24020.7](msda-updates-previous-versions-technical-upgrade-support.md#february-2024-engine-11240209--platform-418240207) where enforcement of device level access policies wasn't working as expected no longer occurs.
-- Fixed high CPU issue caused by redetection done during Sense originating scans.
-- Fixed an issue with Security Intelligence Update disk cleanup.
-- Fixed an issue where the Signature date information on the Security Health report wasn't accurate.
-- Introduced performance improvements when processing paths for exclusions.
-- Added improvements to allow recovering from erroneously added [Indicators of compromise (IoC)](manage-indicators.md).
-- Improved resilience in processing [attack surface reduction](attack-surface-reduction.md) exclusions for Anti Malware Scan Interface (AMSI) scans.
-- Fixed a high memory issue related to the [Behavior Monitoring](behavior-monitor.md) queue that occurred when MAPS is disabled.
-- A possible deadlock when receiving a [Tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md) configuration change from the [Microsoft Defender portal](https://security.microsoft.com) no longer occurs.
-
 ### Previous version updates: Technical upgrade support only
 
 After a new package version is released, support for the previous two versions is reduced to technical support only. For more information about previous versions, see [Microsoft Defender Antivirus updates: Previous versions for technical upgrade support](msda-updates-previous-versions-technical-upgrade-support.md).
diff --git a/defender-endpoint/msda-updates-previous-versions-technical-upgrade-support.md b/defender-endpoint/msda-updates-previous-versions-technical-upgrade-support.md
@@ -6,7 +6,7 @@ ms.author: siosulli
 author: siosulli
 ms.localizationpriority: medium
 ms.reviewer: pahuijbr
-ms.date: 06/07/2024
+ms.date: 07/15/2024
 manager: deniseb
 audience: ITPro
 ms.collection:
@@ -27,6 +27,28 @@ search.appverid: met150
 
 Microsoft regularly releases [security intelligence updates and product updates for Microsoft Defender Antivirus](microsoft-defender-antivirus-updates.md). It's important to keep Microsoft Defender Antivirus up to date. When a new package version is released, support for the previous two versions is reduced to technical support only. Versions that are older than the previous two versions are listed in this article and are provided for technical upgrade support only.
 
+## March-2024 (Engine: 1.1.24030.4 | Platform: 4.18.24030.9)
+
+- Security intelligence update version: **1.409.1.0**
+- Release date: **April 2, 2024** (Engine) / **April 9, 2024** (Platform)
+- Engine: **1.1.24030.4**
+- Platform: **4.18.24030.9**
+- Support phase: **Technical upgrade support (only)**
+
+### What's new
+
+- Added manageability settings to opt out for One Collector telemetry channel and Experimentation and Configuration Service (ECS).
+- Microsoft Defender Core Service will be disabled when 3rd party Antivirus is installed (except when Defender for Endpoint is running in Passive mode).
+- The known issue in [4.18.24020.7](msda-updates-previous-versions-technical-upgrade-support.md#february-2024-engine-11240209--platform-418240207) where enforcement of device level access policies wasn't working as expected no longer occurs.
+- Fixed high CPU issue caused by redetection done during Sense originating scans.
+- Fixed an issue with Security Intelligence Update disk cleanup.
+- Fixed an issue where the Signature date information on the Security Health report wasn't accurate.
+- Introduced performance improvements when processing paths for exclusions.
+- Added improvements to allow recovering from erroneously added [Indicators of compromise (IoC)](manage-indicators.md).
+- Improved resilience in processing [attack surface reduction](attack-surface-reduction.md) exclusions for Anti Malware Scan Interface (AMSI) scans.
+- Fixed a high memory issue related to the [Behavior Monitoring](behavior-monitor.md) queue that occurred when MAPS is disabled.
+- A possible deadlock when receiving a [Tamper protection](prevent-changes-to-security-settings-with-tamper-protection.md) configuration change from the [Microsoft Defender portal](https://security.microsoft.com) no longer occurs.
+
 ## February-2024 (Engine: 1.1.24020.9 | Platform: 4.18.24020.7)
 
 - Security intelligence update version: **1.407.46.0**
diff --git a/defender-vulnerability-management/tvm-supported-os.md b/defender-vulnerability-management/tvm-supported-os.md
@@ -13,7 +13,7 @@ ms.collection:
   - Tier2
 ms.topic: conceptual
 search.appverid: met150
-ms.date: 04/26/2024
+ms.date: 07/15/2024
 ---
 
 # Supported operating systems, platforms and capabilities
@@ -50,6 +50,7 @@ In the following table, "Yes" indicates that a vulnerability management capabili
 |Amazon Linux 2|Yes|Yes|Yes|Yes|Yes|
 |Android 6.0 or higher|Yes|Yes|Not supported|Not supported|Not supported|
 |iOS 12.0 or higher|Yes|Yes|Not supported|Not supported|Not supported|
+|iPadOS |Yes|Yes|Not supported|Not supported|Not supported|
 
 > [!NOTE]
 > Some features are not available for down-level Operating System, check the Microsoft Defender portal for more details on supported OS.
