Merge pull request #1057 from MicrosoftDocs/main

publish main to live 10:30 AM 8/1/24

Author: American-Dipper

defender-endpoint/linux-whatsnew.md

@@ -32,6 +32,33 @@ This article is updated frequently to let you know what's new in the latest rele
 
 - [What's new in Defender for Endpoint on macOS](mac-whatsnew.md)
 - [What's new in Defender for Endpoint on iOS](ios-whatsnew.md)
+
+<details>
+<summary> July-2024 (Build: 101.24062.0001 | Release version: 30.124062.0001.0)</summary>
+
+## July-2024 Build: 101.24062.0001 | Release version: 30.124062.0001.0
+
+&ensp;Released: **July 31, 2024**<br/>
+&ensp;Published: **July 31, 2024**<br/>
+&ensp;Build: **101.24062.0001**<br/>
+&ensp;Release version: **30.124062.0001.0**<br/>
+&ensp;Engine version: **1.1.24050.7**<br/>
+&ensp;Signature version: **1.411.410.0**<br/>
+
+**What's new**
+
+There are multiple fixes and new changes in this release.
+
+- Fixes bug in which infected command-line threat information was not showing correctly in security portal.
+- Fixes a memory leak issue in kernel space due to ebpf maps and progs not getting closed/unloaded whenever ebpf sensor is reloaded. Impacts kernels 3.10x and <= 4.16x.
+- Fixes a bug where disabling a preview feature required a Defender of Endpoint to disable it.
+- Global Exclusions feature using managed JSON is now in Public Preview. available in insiders slow from 101.23092.0012. For more information, see [linux-exclusions](linux-exclusions.md).
+- Updated the Linux default engine version to 1.1.24050.7 and default sigs Version to 1.411.410.0.
+- Stability and performance improvements.
+- Other bug fixes.
+
+</details>
+
 <details>
 <summary> June-2024 (Build: 101.24052.0002 | Release version: 30.24052.0002.0)</summary>
 
@@ -1430,4 +1457,4 @@ As an alternative approach, follow the instructions to [uninstall](linux-resourc
 
    </details>
 
-</details><!--This </details> closes "2021 releases"-->
+</details><!--This </details> closes "2021 releases"-->

defender-vulnerability-management/fixed-reported-inaccuracies.md

@@ -37,6 +37,16 @@ The following tables present the relevant vulnerability information organized by
 | Inaccuracy report ID | Description | Fix date |
 |---|---|---|
 | - | Fixed inaccuracy in Microsoft Visio Viewer & SDK 2016 | 01-July-24 |
+| 61778 | Fixed inaccuracy in PHP vulnerabilities - CVE-2024-4577, CVE-2024-5458 & CVE-2024-5585 | 05-July-24 |
+| - | Fixed inaccuracy in Intel Proset Wireless vulnerabilities - CVE-2023-38417, CVE-2023-38654, CVE-2023-40536 & CVE-2023-47210 | 07-July-24 |
+| 58642 | Fixed inaccuracy in Microsoft Visual Studio Code & Progress Fiddler | 10-July-24 |
+| 61803 | Fixed inaccuracy in CVE-2023-24592 | 10-July-24 |
+| - | Fixed inaccuracy in CVE-2017-3010 & CVE-2017-3124 | 10-July-24 |
+| - | Fixed inaccuracy in 7-zip and Zscaler vulnerabilities - CVE-2023-31102, CVE-2023-41972, CVE-2023-41973 & CVE-2023-23463 | 10-July-24 |
+| 62958 | Fixed inaccuracy in CVE-2024-26010 | 10-July-24 |
+| - | Defender Vulnerability Management doesn't currently support CVE-2013-5387 and CVE-2018-1595 | 14-July-24 |
+| 60387 | Fixed inaccuracy in Microsoft Teams by excluding squirrel.exe path | 14-July-24 |
+| 61125 | Fixed inaccuracy in Lenovo Mouse Suite | 17-July-24 |
 
 
 ## June 2024

defender-xdr/api-incident.md

@@ -18,7 +18,7 @@ search.appverid:
   - MOE150
   - MET150
 ms.custom: api
-ms.date: 02/08/2024
+ms.date: 07/30/2024
 ---
 
 # Microsoft Defender XDR incidents API and the incidents resource type
@@ -73,7 +73,7 @@ Refer to the respective method articles for more details on how to construct a r
 | status | Enum | Specifies the current status of the incident. Possible values are: `Active`, `InProgress`, `Resolved`, and `Redirected`. |
 | classification | Enum | Specification of the incident. Possible values are: `TruePositive`, `Informational, expected activity`, and `FalsePositive`. |
 | determination | Enum | Specifies the determination of the incident. <p>Possible determination values for each classification are: <br><li> <b>True positive</b>: `Multistage attack` (MultiStagedAttack), `Malicious user activity` (MaliciousUserActivity), `Compromised account` (CompromisedUser) – consider changing the enum name in public api accordingly, `Malware` (Malware), `Phishing` (Phishing), `Unwanted software` (UnwantedSoftware), and `Other` (Other). <li> <b>Informational, expected activity:</b> `Security test` (SecurityTesting), `Line-of-business application` (LineOfBusinessApplication), `Confirmed activity` (ConfirmedUserActivity) - consider changing the enum name in public api accordingly, and `Other` (Other). <li>  <b>False positive:</b> `Not malicious` (Clean) - consider changing the enum name in public api accordingly, `Not enough data to validate` (InsufficientData), and `Other` (Other). |
-| tags | string list | List of Incident tags. |
+| tags | string list | List of Incident tags (customTags only). |
 | comments | List of incident comments | Incident Comment object contains: comment string, createdBy string, and createTime date time. |
 | alerts | alert list | List of related alerts. See examples at [List incidents](api-list-incidents.md) API documentation. |