Merge pull request #1484 from MicrosoftDocs/main

pushing updates live

Author: denisebmsft

defender-office-365/defender-for-office-365-whats-new.md

@@ -8,7 +8,7 @@ ms.author: chrisda
 author: chrisda
 manager: deniseb
 ms.localizationpriority: medium
-ms.date: 08/26/2024
+ms.date: 09/27/2024
 audience: ITPro
 ms.collection:
   - m365-security
@@ -39,6 +39,15 @@ For more information on what's new with other Microsoft Defender security produc
 - [What's new in Microsoft Defender for Identity](/defender-for-identity/whats-new)
 - [What's new in Microsoft Defender for Cloud Apps](/cloud-app-security/release-notes)
 
+## October 2024
+
+- **Tenant Allow/Block List in Microsoft 365 now supports IPv6 address**: The [Tenant Allow/Block List](tenant-allow-block-list-about.md) now supports [allowing and blocking IPv6 addresses] (tenant-allow-block-list-ip-addresses-configure.md). It's available in Microsoft 365 Worldwide, GCC, GCC High, DoD, and Office 365 operated by 21Vianet environments.
+
+## September 2024
+
+- [Use the built-in Report button in Outlook](submissions-outlook-report-messages.md#use-the-built-in-report-button-in-outlook): The built-in **Report** button in Outlook for Mac now support the [user reported settings](submissions-user-reported-messages-custom-mailbox.md) experience to report messages as Phishing, Junk, and Not Junk.
+
+
 ## August 2024
 
 - (Preview) You can now run [simulations](attack-simulation-training-simulations.md) with QR code payloads in [Attack simulation training](attack-simulation-training-get-started.md). You can track user responses and assign training to end users.

defender-office-365/submissions-outlook-report-messages.md

@@ -14,7 +14,7 @@ ms.collection:
 description: Learn how to report phishing and suspicious emails in supported versions of Outlook using the built-in Report button or the Report Message and Report Phishing add-ins.
 ms.service: defender-office-365
 search.appverid: met150
-ms.date: 09/16/2024
+ms.date: 09/27/2024
 appliesto:
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/eop-about" target="_blank">Exchange Online Protection</a>
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 1 and Plan 2</a>
@@ -42,6 +42,7 @@ Admins configure user reported messages to go to a specified reporting mailbox,
 
 - The built-in **Report** button is available in the following versions of Outlook:
   - Outlook for Microsoft 365 and Outlook 2021 starting with Version 2407 (Build 17830.20138).
+  - Outlook for Mac.
   - The new Outlook for Windows.
   - Outlook on the web.
 
@@ -52,7 +53,7 @@ Admins configure user reported messages to go to a specified reporting mailbox,
 
   If user reporting is turned off and a non-Microsoft add-in button is selected, the **Report** button isn't available in supported versions of Outlook.
 
-- The built-in **Report** button in supported versions of Outlook supports reporting messages from shared mailboxes or other mailboxes by a delegate.
+- The built-in **Report** button in Outlook on the web and the new Outlook for Windows supports reporting messages from shared mailboxes or other mailboxes by a delegate.
   - Shared mailboxes require Send As or Send On Behalf permission for the user.
   - Other mailboxes require Send As or Send On Behalf permission _and_ Read and Manage permissions for the delegate.
 

defender-office-365/submissions-users-report-message-add-in-configure.md

@@ -8,7 +8,7 @@ manager: deniseb
 audience: Admin
 ms.reviewer: dhagarwal
 ms.topic: how-to
-ms.date: 8/7/2023
+ms.date: 09/27/2024
 ms.localizationpriority: medium
 search.appverid:
   - MET150
@@ -32,7 +32,7 @@ appliesto:
 > [!NOTE]
 > If you're an admin in a Microsoft 365 organization with Exchange Online mailboxes, we recommend that you use the **Submissions** page in the Microsoft Defender portal. For more information, see [Use Admin Submission to submit suspected spam, phish, URLs, and files to Microsoft](submissions-admin.md).
 
-The Microsoft Report Message and Report Phishing add-ins for Outlook and inbuild report button on Outlook on the web (formerly known as Outlook Web App or OWA), new Outlook for Windows, legacy Outlook for Windows makes it easy for users to report false positives and false negatives to Microsoft for analysis. False positives are good email that was blocked or sent to the Junk Email folder. False negatives are unwanted email or phishing that was delivered to the Inbox.
+The Microsoft Report Message and Report Phishing add-ins for Outlook and the built-in **Report** button in [supported versions of Outlook](submissions-outlook-report-messages.md#use-the-built-in-report-button-in-outlook) make it easy for users to report false positives and false negatives to Microsoft for analysis. False positives are good email that was blocked or sent to the Junk Email folder. False negatives are unwanted email or phishing that was delivered to the Inbox.
 
 Microsoft uses these user-reported messages to improve the effectiveness of email protection technologies. For example, suppose that people are reporting many messages using the Report Phishing add-in. This information surfaces in the Security Dashboard and other reports. Your organization's security team can use this information as an indication that anti-phishing policies might need to be updated.
 

defender-xdr/custom-permissions-details.md

@@ -74,7 +74,7 @@ Permissions for managing the organization's security posture and performing vuln
 |Remediation handling|Manage|Create remediation tickets, submit new requests, and manage remediation activities in Defender Vulnerability Management.|
 |Application handling|Manage|Manage vulnerable applications and software, including blocking and unblocking them in Defender Vulnerability Management.|
 |Security baseline assessment|Manage|Create and manage profiles so you can assess if your devices comply to security industry baselines.|
-|Secure Score|Read / Manage|Manage permissions to Secure Score data including which users have access to the data and the products for which they will see Secure Score data.|
+|Exposure Management|Read / Manage|View or manage Secure Score recommendations from all products included in Secure Score.|
 
 ### Authorization and settings
 

defender-xdr/microsoft-secure-score.md

@@ -17,7 +17,7 @@ ms.topic: conceptual
 search.appverid:
 - MOE150
 - MET150
-ms.date: 06/28/2024
+ms.date: 09/29/2024
 ---
 
 # Microsoft Secure Score
@@ -115,15 +115,17 @@ If you turn on security defaults, you are awarded full points for the following
 
 <a name='manage-permissions-with-microsoft-365-defender-unified-role-based-access-controlrbac'></a>
 
-### Manage permissions with Microsoft Defender XDR Unified role-based access control(RBAC)
+### Manage permissions with Microsoft Defender XDR Unified role-based access control (RBAC)
 
-With [Microsoft Defender XDR Unified role-based access control(RBAC)](manage-rbac.md), you can create custom roles with specific permissions for Secure Score. Defender XDR Unified RBAC allows you to control which users have access to Secure Score data, the products for which they see Secure Score data (for example, Microsoft Defender for Endpoint) and their permission level to the data.
+With [Microsoft Defender XDR Unified role-based access control(RBAC)](manage-rbac.md), you can create custom roles with specific permissions for Secure Score. These permissions are located under the **Security posture** category in Defender XDR Unified RBAC permissions model and are named **Exposure Management (read)** for read-only access and **Exposure Management (manage)** for users who will have access to manage Secure Score recommendations.
 
-You can also manage user permissions to access Secure Score data from additional data sources, such as the other products supported by Secure Score, for more information, see [Products included in Secure Score](#products-included-in-secure-score). You can view the Secure Score data from the other data sources either alone or alongside the other data sources.
+In order for users to access Secure Score data, a custom role in Defender XDR Unified RBAC shall be assigned with the **Microsoft Security Exposure Management** data source.
 
-To start using Microsoft Defender XDR Unified RBAC to manage your Secure Score permissions, see [Microsoft Defender XDR Unified role-based access control(RBAC)](manage-rbac.md).
+To start using Microsoft Defender XDR Unified RBAC to manage your Secure Score permissions, see [Microsoft Defender XDR Unified role-based access control (RBAC)](manage-rbac.md).
 
 > [!NOTE]
+> Defender XDR Unified RBAC is automatically active for Secure Score access. Once a custom role with one of the permissions is created, it has an immediate impact on assigned users. There is no need to activate it.
+> 
 > Currently, the model is only supported in the Microsoft Defender portal. If you want to use GraphAPI (for example, for internal dashboards or Defender for Identity Secure Score) you should continue to use Microsoft Entra roles. Support GraphAPI is planned at a later date.
 
 <a name='azure-active-directory-global-roles-permissions'></a>

exposure-management/whats-new.md

@@ -27,6 +27,12 @@ Security Exposure Management is currently in public preview.
 
 ## September 2024
 
+### New Enterprise IoT Security Initiative
+
+With this new initiative, Enterprise IoT Security offers a powerful solution to identify unmanaged IoT devices and enhance your security. With continuous monitoring, vulnerability assessments, and tailored recommendations designed for Enterprise IoT devices, you gain comprehensive visibility into the risks posed by these devices. This initiative not only helps you understand the potential threats but also strengthens your organization's resilience in mitigating them.
+
+For more information, see, [Review security initiatives](initiatives.md)
+
 ### New predefined classifications
 
 The following predefined classification rule was added to the critical assets list: