Merge pull request #1388 from MicrosoftDocs/main

pushing updates live

Author: denisebmsft

defender-endpoint/mac-whatsnew.md

@@ -6,7 +6,7 @@ author: dansimp
 ms.author: dansimp
 manager: deniseb
 ms.localizationpriority: medium
-ms.date: 08/27/2024
+ms.date: 09/19/2024
 audience: ITPro
 ms.collection:
 - m365-security
@@ -37,10 +37,10 @@ For more information on Microsoft Defender for Endpoint on other operating syste
 
 **Known issues**
 
-Apple fixed an issue on macOS [Ventura upgrade](https://developer.apple.com/documentation/macos-release-notes/macos-13_1-release-notes), and [Sonoma upgrade](https://developer.apple.com/forums/thread/737824#773449022) with the latest OS update. The issue impacts Microsoft Defender for Endpoint security extensions, and might result in losing Full Disk Access Authorization, impacting its ability to function properly.
-
-In macOS Sonoma 14.3.1, Apple made a change to the [handling of Bluetooth devices](https://developer.apple.com/forums/thread/738748) that impacts Defender for Endpoint device controls ability to intercept and block access to Bluetooth devices.  At this time, the recommended mitigation is to use a version of macOS less than 14.3.1.
-
+> [!NOTE]
+> - Apple fixed an issue on macOS [Ventura upgrade](https://developer.apple.com/documentation/macos-release-notes/macos-13_1-release-notes), and [Sonoma upgrade](https://developer.apple.com/forums/thread/737824#773449022) with the latest OS update. The issue impacts Microsoft Defender for Endpoint security extensions, and might result in losing Full Disk Access Authorization, impacting its ability to function properly.
+> - In macOS Sonoma 14.3.1, Apple made a change to the [handling of Bluetooth devices](https://developer.apple.com/forums/thread/738748) that impacts Defender for Endpoint device controls ability to intercept and block access to Bluetooth devices.  At this time, the recommended mitigation is to use a version of macOS less than 14.3.1.
+> - In both macOS Sonoma and Sequoia builds, Network Protection capabilities may be impacted due to changes in Apple's internal networking structure resulting in crashes of the network extension (NetExt). This will result in intermittent network connectivity issues for end users. We are recommending that customers who have Network Protection enabled in their organization refrain from upgrading to Sonoma / Seqouia builds at this time.
 **Sequoia support**
 
 Microsoft Defender supports macOS Sequoia (15) in the current Defender release.
@@ -1022,11 +1022,9 @@ Live Response for macOS is now available for all Mac devices onboarded to Defend
 
 > [!CAUTION]
 > macOS 10.15 (Catalina) contains new security and privacy enhancements. Beginning with this version, by default, applications are not able to access certain locations on disk (such as Documents, Downloads, Desktop, etc.) without explicit consent. In the absence of this consent, Microsoft Defender for Endpoint is not able to fully protect your device.
->
-> The mechanism for granting this consent depends on how you deployed Microsoft Defender for Endpoint:
->
+> > The mechanism for granting this consent depends on how you deployed Microsoft Defender for Endpoint:
 > - For manual deployments, see the updated instructions in the [Manual deployment topic](mac-install-manually.md#allow-full-disk-access).
-> - For managed deployments, see the updated instructions in the [JAMF-based deployment](mac-install-with-jamf.md) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics.
+- For managed deployments, see the updated instructions in the [JAMF-based deployment](mac-install-with-jamf.md) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics.
 
 - Performance improvements & bug fixes
 

defender-for-iot/includes/site-association.md

@@ -0,0 +1,12 @@
+---
+author: limwainstein
+ms.author: lwainstein
+ms.date: 06/24/2024
+ms.topic: include
+ms.service: microsoft-defender-iot
+---
+
+>[!NOTE]
+>
+>Currently, devices discovered in the Defender XDR portal aren't synchronized with Azure, and therefore the list of devices discovered could be different in each portal.
+>

defender-for-iot/manage-devices-inventory.md

@@ -40,6 +40,8 @@ To customize the device inventory views:
 - [Use filters](/defender-endpoint/machines-view-overview#use-filters-to-customize-the-device-inventory-views)
 - [Use columns](/defender-endpoint/machines-view-overview#use-columns-to-customize-the-device-inventory-views)
 
+[!INCLUDE [defender-iot-site-association](includes/site-association.md)]
+
 ## Manage OT devices
 
 - [Explore the device inventory](/defender-endpoint/machines-view-overview#explore-the-device-inventory) including search, export to CSV, and more.

defender-for-iot/set-up-sites.md

@@ -69,6 +69,8 @@ In this stage, you configure Defender for IoT to associate OT devices to the sit
 
 1. Select **Next** to review the site details.
 
+[!INCLUDE [defender-iot-site-association](includes/site-association.md)]
+
 ## Review site details
 
 Review that information for the site you want to create:

exposure-management/predefined-classification-rules-and-levels.md

@@ -40,6 +40,7 @@ Current asset types are:
 | Network Admin Device         | Device     | Medium                    | Critical devices used to configure, manage, and monitor the network assets within the organization are vital for network administration and are at high risk of cyber threats. They require top-level security to prevent unauthorized access. |
 | VMware ESXi                | Device     | High                      | The VMware ESXi hypervisor is essential for running and managing virtual machines within your infrastructure. As a bare-metal hypervisor, it's providing the foundation for creating and managing virtual resources. |
 | VMware vCenter             | Device     | High                      | The VMware vCenter Server is crucial for managing virtual environments. It provides centralized management of virtual machines and ESXi hosts. If it fails, it could disrupt the administration and control of your virtual infrastructure, including provisioning, migration, load balancing of virtual machines, and datacenter automation. However, as there are often redundant vCenter Servers and High Availability configurations, the immediate halt of all operations might not occur. Its failure could still cause significant inconvenience and potential performance issues |
+| Hyper-V Server             | Device     | High                      | The Hyper-V hypervisor is essential for running and managing virtual machines within your infrastructure, serving as the core platform for their creation and management. If the Hyper-V host fails, it can lead to the unavailability of hosted virtual machines, potentially causing downtime and disrupting business operations. Moreover, it can result in significant performance degradation and operational challenges. Ensuring the reliability and stability of Hyper-V hosts is therefore critical for maintaining seamless operations in a virtual environment. |
 
 ##### Identity
 

exposure-management/whats-new.md

@@ -27,6 +27,14 @@ Security Exposure Management is currently in public preview.
 
 ## September 2024
 
+### New predefined classifications
+
+The following predefined classification rule was added to the critical assets list:
+
+| Classification                                               | Description                                                  |
+| ------------------------------------------------------------ | ------------------------------------------------------------ |
+| **Hyper-V Server**                                                 | This rule applies to devices identified as Hyper-V servers within a domain. These servers are essential for running and managing virtual machines within your infrastructure, serving as the core platform for their creation and management. |
+
 ### Enhanced visibility for scoped users
 
 This change now allows users who have been granted access to only some of the organization's devices to see the list of affected assets in metrics, recommendations, events, and initiative history within their specific scope.