Merge branch 'main' into v-jodavies-eval-pilot-xdr-rework

Author: joe-davies-affirm

defender-endpoint/malware/exploits-malware.md

@@ -2,9 +2,7 @@
 title: Exploits and exploit kits
 ms.reviewer: 
 description: Learn about how exploits use vulnerabilities in common software to give attackers access to your computer and install other malware.
-keywords: security, malware, exploits, exploit kits, prevention, vulnerabilities, Microsoft, Exploit malware family, exploits, java, flash, adobe, update software, prevent exploits, exploit pack, vulnerability, 0-day, holes, weaknesses, attack, Flash, Adobe, out-of-date software, out of date software, update, update software, reinfection, Java cache, reinfected,  won't remove, won't clean, still detects, full scan, MSE, Defender, WDSI, MMPC, Microsoft Malware Protection Center
 ms.service: defender-endpoint
-ms.mktglfcycl: secure
 ms.localizationpriority: medium
 ms.author: dansimp
 author: dansimp
@@ -15,7 +13,7 @@ ms.collection:
 - tier2
 ms.topic: conceptual
 search.appverid: met150
-ms.date: 03/18/2022
+ms.date: 05/30/2024
 ---
 
 # Exploits and exploit kits
@@ -36,7 +34,7 @@ The infographic below shows how an exploit kit might attempt to exploit a device
 
 *Figure 1. Example of how to exploit kits work*
 
-Several notable threats, including Wannacry, exploit the Server Message Block (SMB) vulnerability CVE-2017-0144 to launch malware.
+Notable threats use exploit kits to spread ransomware, including JSSLoader. The threat actor tracked by Microsoft as Storm-0324 (DEV-0324) uses this malware to facilitate access for the ransomware-as-a-service (RaaS) actor [Sangria Tempest](https://www.microsoft.com/en-us/security/blog/2022/05/09/ransomware-as-a-service-understanding-the-cybercrime-gig-economy-and-how-to-protect-yourself/#ELBRUS] (ELBRUS, Carbon Spider, FIN7).
 
 Examples of exploit kits:
 
@@ -61,4 +59,4 @@ You can read more on the [CVE website](https://cve.mitre.org/).
 
 The best prevention for exploits is to keep your organization's [software up to date](https://portal.msrc.microsoft.com/). Software vendors provide updates for many known vulnerabilities, so make sure these updates are applied to all devices.
 
-For more general tips, see [prevent malware infection](prevent-malware-infection.md).
+For more general tips, see [prevent malware infection](prevent-malware-infection.md).

defender-endpoint/microsoft-defender-endpoint-linux.md

@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: linux
 search.appverid: met150
-ms.date: 05/08/2024
+ms.date: 05/30/2024
 ---
 
 # Microsoft Defender for Endpoint on Linux
@@ -105,7 +105,9 @@ In general you need to take the following steps:
     > [!NOTE]
     > Distributions and version that are not explicitly listed are unsupported (even if they are derived from the officially supported distributions).
     > With RHEL 6 support for 'extended end of life' coming to an end by June 30, 2024; MDE Linux support for RHEL 6 will also be deprecated by June 30, 2024
-    > MDE Linux version 101.23082.0011 is the last MDE Linux release supporting RHEL 6.7 or higher versions (does not expire before June 30, 2024). Customers are advised to plan upgrades to their RHEL 6 infrastructure aligned with guidance from Red Hat. 
+    > MDE Linux version 101.23082.0011 is the last MDE Linux release supporting RHEL 6.7 or higher versions (does not expire before June 30, 2024). Customers are advised to plan upgrades to their RHEL 6 infrastructure aligned with guidance from Red Hat.
+    >
+    > Microsoft Defender Vulnerablity Management is not supported on Alma currently.
 
 - List of supported kernel versions
 
@@ -255,4 +257,3 @@ High I/O workloads from certain applications can experience performance issues w
 - [Turn on network protection for Linux](network-protection-linux.md)
 
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
-