Merge branch 'main' into migrate-exclusions

Author: denisebmsft

defender-endpoint/enable-attack-surface-reduction.md

@@ -15,7 +15,7 @@ ms.collection:
 - mde-asr
 ms.custom: admindeeplinkDEFENDER
 search.appverid: met150
-ms.date: 04/30/2025
+ms.date: 05/08/2025
 ---
 
 # Enable attack surface reduction rules
@@ -102,7 +102,7 @@ When adding exclusions, keep these points in mind:
 
 If a conflicting policy is applied via MDM and GP, the setting applied from Group Policy takes precedence.
 
-Attack surface reduction rules for managed devices now support behavior for merging settings from different policies to create a policy superset for each device. Only the settings that aren't in conflict are merged, whereas policy conficts aren't added to the superset of rules. Previously, if two policies included conflicts for a single setting, both policies were flagged as being in conflict, and no settings from either profile were deployed. 
+Attack surface reduction rules for managed devices now support behavior for merging settings from different policies to create a policy superset for each device. Only the settings that aren't in conflict are merged, whereas policy conflicts aren't added to the superset of rules. Previously, if two policies included conflicts for a single setting, both policies were flagged as being in conflict, and no settings from either profile were deployed. 
 
 Attack surface reduction rule merge behavior works as follows:
 
@@ -139,6 +139,7 @@ The following procedures for enabling attack surface reduction rules include ins
 > If you're using Intune on Windows Server 2012 R2 and Windows Server 2016 with the [modern unified solution](onboard-server.md#functionality-in-the-modern-unified-solution-for-windows-server-2016-and-windows-server-2012-r2), you need to set the following attack surface reduction rules to `Not Configured` because they're not supported on these OS versions. Otherwise, these policies fail to apply:
 > - [Block persistence through Windows Management Instrumentation (WMI) event subscription](/defender-endpoint/attack-surface-reduction-rules-reference#block-persistence-through-wmi-event-subscription)
 > - [Block JavaScript or VBScript from launching downloaded executable content](/defender-endpoint/attack-surface-reduction-rules-reference#block-javascript-or-vbscript-from-launching-downloaded-executable-content)
+> - [Block Win32 API calls from Office macro](/defender-endpoint/attack-surface-reduction-rules-reference#block-win32-api-calls-from-office-macros)
 
 #### Endpoint security policy (Preferred)
 

defender-office-365/mdo-data-retention.md

@@ -5,14 +5,16 @@ f1.keywords:
 ms.author: dansimp
 author: dansimp
 manager: deniseb
-ms.date: 6/15/2023
+ms.date: 05/08/2025
 audience: ITPro
 ms.topic: conceptual
 ms.service: defender-office-365
 ms.localizationpriority: medium
 ms.collection:
 - m365-security
 - tier2
+- essentials-compliance
+- essentials-security
 ms.custom:
 description: Admins can learn how long Defender for Office 365 features retain data.
 search.appverid: met150

defender-office-365/mdo-privacy.md

@@ -5,14 +5,15 @@ f1.keywords:
 ms.author: chrisda
 author: chrisda
 manager: deniseb
-ms.date: 09/03/2024
+ms.date: 05/08/2025
 audience: ITPro
 ms.topic: conceptual
 ms.service: defender-office-365
 ms.localizationpriority: medium
 ms.collection:
 - m365-security
 - tier2
+- essentials-privacy
 ms.custom:
 description: Admins can learn about privacy in Defender for Office 365.
 search.appverid: met150

defender-vulnerability-management/defender-vulnerability-management.md

@@ -11,9 +11,12 @@ ms.collection:
 - tier1
 - m365-security
 - essentials-overview
+- essentials-compliance
+- essentials-privacy
+- essentials-security
 search.appverid: met150
 audience: ITPro
-ms.date: 02/23/2025
+ms.date: 05/08/2025
 ---
 
 # What is Microsoft Defender Vulnerability Management

defender-vulnerability-management/retention-logic-mdvm.md

@@ -11,10 +11,10 @@ ms.localizationpriority: medium
 ms.collection: 
 - tier1
 - m365-security
-- essentials-overview
+- essentials-compliance
 search.appverid: met150
 audience: ITPro
-ms.date: 04/29/2025
+ms.date: 05/08/2025
 ---
 
 # Understand retention logic in Microsoft Defender Vulnerability Management