Merge pull request #646 from MicrosoftDocs/main

Publish main to live, Friday 10:30AM PDT, 06/07

Author: Stacyrch140

defender-endpoint/configure-environment.md

@@ -14,7 +14,7 @@ ms.collection:
 - tier1
 ms.topic: how-to
 ms.subservice: onboard
-ms.date: 05/13/2024
+ms.date: 06/06/2024
 ---
 
 # STEP 1: Configure your network environment to ensure connectivity with Defender for Endpoint service
@@ -30,9 +30,9 @@ ms.date: 05/13/2024
 Before you onboard devices to Defender for Endpoint, make sure your network is configured to connect to the service. The first step of this process involves adding URLs to the allowed domains list if your proxy server or firewall rules prevent access to Defender for Endpoint. This article also includes information about proxy and firewall requirements for older versions of Windows client and Windows Server.
 
 > [!NOTE]
-> - Tenants created on or before May 8, 2024 have the option to select streamlined connectivity ([consolidated set of URLs](https://aka.ms/MDE-streamlined-urls)) as the default onboarding method, or remain on standard connectivity through settings. When you've verified prerequisites have been met and are ready to set the default onboarding package to streamlined, you can turn on the advanced feature setting in the Microsoft Defender portal (**Settings > Endpoints > Advanced Features**). For onboarding through Intune or Microsoft Defender for Cloud, you need to activate the relevant option. Devices already onboarded aren't reonboarded automatically. In such cases, create a new policy in Intune, where it is recommended to first assign the policy to a set of test devices to verify connectivity is successful, and then expand the audience. Devices in Defender for Cloud can be reonboarded using the relevant onboarding script.
-> - If your tenant already had streamlined connectivity enabled as part of the public preview, it remains enabled.
-> - New tenants created after May 8, 2024 default to streamlined connectivity. Read more at [Onboarding devices using streamlined connectivity for Microsoft Defender for Endpoint](configure-device-connectivity.md)
+> - After May 8, 2024, you have the option to keep streamlined connectivity ([consolidated set of URLs](https://aka.ms/MDE-streamlined-urls)) as the default onboarding method, or downgrade to standard connectivity through (**Settings > Endpoints > Advanced Features**). For onboarding through Intune or Microsoft Defender for Cloud, you need to activate the relevant option. Devices already onboarded aren't reonboarded automatically. In such cases, create a new policy in Intune, where it is recommended to first assign the policy to a set of test devices to verify connectivity is successful, and then expand the audience. Devices in Defender for Cloud can be reonboarded using the relevant onboarding script, while newly onboarded devices will automatically receive streamlined onboarding.
+> - The new *.endpoint.security.microsoft.com consolidated domain needs to be reachable for all devices, for current and future functionality, regardless whether you continue to use Standard connectivity.
+> - New regions will default to streamlined connectivity and will not have the option to downgrade to Standard. Read more at [Onboarding devices using streamlined connectivity for Microsoft Defender for Endpoint](configure-device-connectivity.md).
 
 ## Enable access to Microsoft Defender for Endpoint service URLs in the proxy server
 

defender-endpoint/microsoft-defender-antivirus-updates.md

@@ -3,7 +3,7 @@ title: Microsoft Defender Antivirus security intelligence and product updates
 description: Manage how Microsoft Defender Antivirus receives protection and product updates.
 ms.service: defender-endpoint
 ms.localizationpriority: high
-ms.date: 05/20/2024
+ms.date: 06/07/2024
 audience: ITPro
 ms.topic: reference
 author: siosulli
@@ -234,6 +234,21 @@ Updates are released for x86, x64, and ARM64 Windows architecture.
 
 For more information, see [Microsoft Defender update for Windows operating system installation images](https://support.microsoft.com/help/4568292/defender-update-for-windows-operating-system-installation-images).
 
+### 1.411.111.0
+
+- Defender package version: **1.411.111.0**
+- Security intelligence version: **1.411.111.0**
+- Engine version: **1.24050.2**
+- Platform version: **4.18.24050.7**
+
+#### Fixes
+
+- None
+
+#### Additional information
+
+- None
+
 ### 1.411.9.0
 
 - Defender package version: **1.411.9.0**

defender-endpoint/microsoft-defender-endpoint-linux.md

@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: linux
 search.appverid: met150
-ms.date: 05/30/2024
+ms.date: 06/07/2024
 ---
 
 # Microsoft Defender for Endpoint on Linux
@@ -101,13 +101,12 @@ In general you need to take the following steps:
   - Rocky 8.7 and higher
   - Alma 8.4 and higher
   - Mariner 2
-
+  
     > [!NOTE]
     > Distributions and version that are not explicitly listed are unsupported (even if they are derived from the officially supported distributions).
     > With RHEL 6 support for 'extended end of life' coming to an end by June 30, 2024; MDE Linux support for RHEL 6 will also be deprecated by June 30, 2024
     > MDE Linux version 101.23082.0011 is the last MDE Linux release supporting RHEL 6.7 or higher versions (does not expire before June 30, 2024). Customers are advised to plan upgrades to their RHEL 6 infrastructure aligned with guidance from Red Hat.
-    >
-    > Microsoft Defender Vulnerablity Management is not supported on Alma currently.
+    > Microsoft Defender Vulnerablity Management is not supported on Rocky and Alma currently.
 
 - List of supported kernel versions
 

defender-endpoint/msda-updates-previous-versions-technical-upgrade-support.md

@@ -6,7 +6,7 @@ ms.author: siosulli
 author: siosulli
 ms.localizationpriority: medium
 ms.reviewer: pahuijbr
-ms.date: 05/20/2024
+ms.date: 06/07/2024
 manager: deniseb
 audience: ITPro
 ms.collection:
@@ -27,6 +27,26 @@ search.appverid: met150
 
 Microsoft regularly releases [security intelligence updates and product updates for Microsoft Defender Antivirus](microsoft-defender-antivirus-updates.md). It's important to keep Microsoft Defender Antivirus up to date. When a new package version is released, support for the previous two versions is reduced to technical support only. Versions that are older than the previous two versions are listed in this article and are provided for technical upgrade support only.
 
+## February-2024 (Engine: 1.1.24020.9 | Platform: 4.18.24020.7)
+
+- Security intelligence update version: **1.407.46.0**
+- Release date: **March 6, 2024** (Engine) / **March 12, 2024** (Platform)
+- Engine: **1.1.24020.9**
+- Platform: **4.18.24020.7**
+- Support phase: **Technical upgrade support (only)**
+
+### What's new
+
+- Improved support for virtualizing while compressing or decompressing zip files
+- Improved reporting in the Microsoft Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) for block-only remediations
+- Reduced the number of false positives for [attack surface reduction rules](attack-surface-reduction.md) for known trusted processes
+- Improved [Get-MpPreference](/powershell/module/defender/get-mppreference) logic for proxy bypass settings
+- Extended the toast notification support for [Indicators of Compromise](manage-indicators.md#indicator-of-compromise-ioc-overview) (IoC) detections
+
+### Known issues
+
+- For [device control](device-control-overview.md) customers using removable media policies with disk/device-level access only (masks that include the values 1, 2, 3, 4, and 7), enforcement might not work as expected. In such situations, we recommend customers roll back to the previous version of the Defender platform.
+
 ## January-2024 (Platform: 4.18.24010.12 | Engine: 1.1.24010.10)
 
 - Security intelligence update version: **1.405.702.0**