Merge branch 'public' into patch-1

Author: denisebmsft

defender-endpoint/microsoft-defender-antivirus-updates.md

@@ -185,21 +185,23 @@ To install the latest security intelligence and antivirus engine updates, you ca
 
 - Windows Update
 - Windows Update server (WSUS)
-- Software Update server (SUP)
-- File server
+- Software Update Point (SUP)
+
+- [File server](/defender-endpoint/manage-protection-updates-microsoft-defender-antivirus)
 - Windows Security app: See [Microsoft Defender Antivirus in the Windows Security app](/defender-endpoint/microsoft-defender-security-center-antivirus)
 - Command line, as follows:   
-   - `"%programdata%\Microsoft\Windows Defender\Platform\<version>\MpCmdRun.exe"-SignatureUpdate`   
-   - `"%programdata%\Microsoft\Windows Defender\Platform\<version>\MpCmdRun.exe"`   
-   - `"%programdata%\Microsoft\Windows Defender\Platform\<version>\MpCmdRun.exe"-SignatureUpdate -MMPC`   
+   - `"%programdata%\Microsoft\Windows Defender\Platform\<version>\MpCmdRun.exe" -SignatureUpdate`
+   - `"%programdata%\Microsoft\Windows Defender\Platform\<version>\MpCmdRun.exe" -SignatureUpdate \\FileServer\ShareName`
+   - `"%programdata%\Microsoft\Windows Defender\Platform\<version>\MpCmdRun.exe" -SignatureUpdate -MMPC`
 
 For more information, see [Manage the sources for Microsoft Defender Antivirus protection updates](/defender-endpoint/manage-protection-updates-microsoft-defender-antivirus).
 
 To get the latest platform updates, you can use any of the following methods: 
 
 - Windows Update
 - Windows Update server (WSUS)
-- Software Update server (SUP)
+- Software Update Point (SUP)
+
 - Windows Security app: See [Microsoft Defender Antivirus in the Windows Security app](/defender-endpoint/microsoft-defender-security-center-antivirus)
 - The [Windows Update Catalog](https://www.catalog.update.microsoft.com/Search.aspx?q=KB4052623)
 

defender-endpoint/whats-new-in-microsoft-defender-endpoint.md

@@ -50,6 +50,13 @@ For more information on what's new with other Microsoft Defender security produc
 
 - (Preview) **Contain IP addresses of undiscovered devices**: Containing IP addresses associated with devices that are undiscovered or are not onboarded to Defender for Endpoint is now in preview. Containing an IP address prevents attackers from spreading attacks to other non-compromised devices. See [Contain IP addresses of undiscovered devices](respond-machine-alerts.md#contain-ip-addresses-of-undiscovered-devices) for more information.
 
+- (GA) **Attack Surface Reduction (ASR) Rules**
+
+Two new ASR rules are now generally available:
+
+  - [Block rebooting machine in Safe Mode](/defender-endpoint/attack-surface-reduction-rules-reference): This rule prevents the execution of commands to restart machines in Safe Mode.
+  - [Block use of copied or impersonated system tools](/defender-endpoint/attack-surface-reduction-rules-reference): This rule blocks the use of executable files that are identified as copies of Windows system tools. These files are either duplicates or impostors of the original system tools.
+    
 ## February 2025
 
 - (GA) **Aggregated reporting in Microsoft Defender for Endpoint** is now generally available. For more information, see [Aggregated reporting in Microsoft Defender for Endpoint](aggregated-reporting.md).