MicrosoftDocs
diff --git a/‎defender-endpoint/mac-device-control-faq.md‎
Lines changed: 1 addition & 1 deletion b/‎defender-endpoint/mac-device-control-faq.md‎
Lines changed: 1 addition & 1 deletion
diff --git a/‎defender-endpoint/mac-device-control-jamf.md‎
Lines changed: 2 additions & 2 deletions b/‎defender-endpoint/mac-device-control-jamf.md‎
Lines changed: 2 additions & 2 deletions
diff --git a/‎defender-endpoint/mac-device-control-overview.md‎
Lines changed: 6 additions & 6 deletions b/‎defender-endpoint/mac-device-control-overview.md‎
Lines changed: 6 additions & 6 deletions
diff --git a/‎defender-endpoint/mac-exclusions.md‎
Lines changed: 11 additions & 11 deletions b/‎defender-endpoint/mac-exclusions.md‎
Lines changed: 11 additions & 11 deletions
diff --git a/‎defender-endpoint/mac-health-status.md‎
Lines changed: 4 additions & 4 deletions b/‎defender-endpoint/mac-health-status.md‎
Lines changed: 4 additions & 4 deletions
diff --git a/‎defender-endpoint/mac-install-manually.md‎
Lines changed: 9 additions & 9 deletions b/‎defender-endpoint/mac-install-manually.md‎
Lines changed: 9 additions & 9 deletions
diff --git a/‎defender-endpoint/mac-install-with-intune.md‎
Lines changed: 8 additions & 8 deletions b/‎defender-endpoint/mac-install-with-intune.md‎
Lines changed: 8 additions & 8 deletions
@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: macos
 search.appverid: met150
-ms.date: 04/30/2024
+ms.date: 04/16/2025
 ---
 
 # macOS Device Control policies frequently asked questions (FAQ)
 
@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: macos
 search.appverid: met150
-ms.date: 02/25/2025
+ms.date: 04/16/2025
 ---
 
 # Deploy and manage Device Control using JAMF
@@ -46,7 +46,7 @@ Before you begin, confirm your subscription. To access and use device control, y
 
 ### Step 1: Creating a JSON policy
 
-Device Control on Mac is defined through a JSON policy. This policy should have the appropriate groups, rules, and settings defined to tailor specific customer conditions. For example, some enterprise organizations might need to block all removable media devices entirely, while others might have specific exceptions for a vendor or serial number. Microsoft has a [local GitHub repository](https://github.com/microsoft/mdatp-devicecontrol/tree/main/macOS/policy/samples"https://github.com/microsoft/mdatp-devicecontrol/tree/main/macos/policy/samples") that you can use to build your policies.
+Device Control on macOS is defined through a JSON policy. This policy should have the appropriate groups, rules, and settings defined to tailor specific customer conditions. For example, some enterprise organizations might need to block all removable media devices entirely, while others might have specific exceptions for a vendor or serial number. Microsoft has a [local GitHub repository](https://github.com/microsoft/mdatp-devicecontrol/tree/main/macOS/policy/samples"https://github.com/microsoft/mdatp-devicecontrol/tree/main/macos/policy/samples") that you can use to build your policies.
 
 For more information about settings, rules, and groups, see [Device Control for macOS](mac-device-control-overview.md).
 
 
@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: macos
 search.appverid: met150
-ms.date: 01/31/2025
+ms.date: 04/16/2025
 ---
 
 # Device Control for macOS
@@ -33,7 +33,7 @@ ms.date: 01/31/2025
 
 ## Requirements
 
-Device control for Mac has the following prerequisites:
+Device control for macOS has the following prerequisites:
 
 - Defender for Endpoint or Defender for Business licenses (can be a trial subscription)
 - Minimum OS version: macOS 11 or higher
@@ -112,8 +112,8 @@ Device control for macOS has similar capabilities to Device control for Windows,
 
 - macOS doesn't have a centralized Device Manager or view of devices. Access is granted/denied to applications that interact with devices. This is why on macOS there are a richer set of [access types](#access-types). For example, a `portableDevice` policy can deny or allow `download_photos_from_device`.
 
-- To stay consistent with Windows, there are `generic_read`,`generic_write` , and `generic_execute` access types. Policies with generic access types don't need to be changed if/when more specific access types are added in the future. The best practice is to use generic access types unless there's a specific need to deny/allow a more specific operation.
-- Creating a `deny` policy using generic access types is the best way to attempt to completely block all operations for that type of device (for example, Android phones), but there might still be gaps if the operation is performed using an application that isn't supported by macOS device control.     
+- To stay consistent with Windows, there are `generic_read`, `generic_write`, and `generic_execute` access types. Policies with generic access types don't need to be changed if/when more specific access types are added in the future. The best practice is to use generic access types unless there's a specific need to deny/allow a more specific operation.
+- Creating a `deny` policy using generic access types is the best way to attempt to completely block all operations for that type of device (for example, Android phones), but there might still be gaps if the operation is performed using an application that isn't supported by macOS device control.
 
 
 ### Settings
@@ -201,7 +201,7 @@ The following table lists the properties you can use in entry:
 | Property name | Description | Options |
 |:---|:---|:---|
 | `$type` | The type of enforcement | See table below for supported enforcements |
-| `options` | $type specific value to use | An array of options for the entry. May be omitted if not options are desired. |
+| `options` | $type specific value to use | An array of options for the entry. Might be omitted if not options are desired. |
 
 #### Enforcement type
 
@@ -258,7 +258,7 @@ v2_full_disk_access                         : "approved"
 - `active` - feature version, you should see ["v2"]. (Device Control is enabled, but not configured.)
     - [] - Device Control isn't configured on this machine.
     - ["v1"] - You are on a preview version of Device Control. Migrate to version 2 using this guide. v1 is considered obsolete and not described in this documentation.
-    - ["v1", "v2"] - You have both v1 and v2 enabled. Offboard from v1.
+    - ["v1," "v2"] - You have both v1 and v2 enabled. Offboard from v1.
 - `v1_configured` - v1 configuration is applied
 - `v1_enforcement_level` - when v1 is enabled
 - `v2_configured` - v2 configuration is applied
 
@@ -1,6 +1,6 @@
 ---
-title: Configure and validate exclusions for Microsoft Defender for Endpoint on Mac
-description: Provide and validate exclusions for Microsoft Defender for Endpoint on Mac. Exclusions can be set for files, folders, and processes.
+title: Configure and validate exclusions for Microsoft Defender for Endpoint on macOS 
+description: Provide and validate exclusions for Microsoft Defender for Endpoint on macOS. Exclusions can be set for files, folders, and processes.
 ms.service: defender-endpoint
 author: emmwalshh
 ms.author: ewalsh
@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: macos
 search.appverid: met150
-ms.date: 06/14/2024
+ms.date: 04/16/2025
 ---
 
 # Configure and validate exclusions for Microsoft Defender for Endpoint on macOS
@@ -32,20 +32,20 @@ ms.date: 06/14/2024
 This article provides information on how to define exclusions that apply to on-demand scans, and real-time protection and monitoring.
 
 > [!IMPORTANT]
-> The exclusions described in this article don't apply to other Defender for Endpoint on Mac capabilities, including endpoint detection and response (EDR). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections.
+> The exclusions described in this article don't apply to other Defender for Endpoint on macOS capabilities, including endpoint detection and response (EDR). Files that you exclude using the methods described in this article can still trigger EDR alerts and other detections.
 
-You can exclude certain files, folders, processes, and process-opened files from Defender for Endpoint on Mac scans.
+You can exclude certain files, folders, processes, and process-opened files from Defender for Endpoint on macOS scans.
 
-Exclusions can be useful to avoid incorrect detections on files or software that are unique or customized to your organization. They can also be useful for mitigating performance issues caused by Defender for Endpoint on Mac.
+Exclusions can be useful to avoid incorrect detections on files or software that are unique or customized to your organization. They can also be useful for mitigating performance issues caused by Defender for Endpoint on macOS.
 
 To narrow down which process and/or path and/or extension you need to exclude, use [real-time-protection-statistics](mac-support-perf.md).
 
 > [!WARNING]
-> Defining exclusions lowers the protection offered by Defender for Endpoint on Mac. You should always evaluate the risks that are associated with implementing exclusions, and you should only exclude files that you're confident aren't malicious.
+> Defining exclusions lowers the protection offered by Defender for Endpoint on macOS. You should always evaluate the risks that are associated with implementing exclusions, and you should only exclude files that you're confident aren't malicious.
 
 ## Supported exclusion types
 
-The following table shows the exclusion types supported by Defender for Endpoint on Mac.
+The following table shows the exclusion types supported by Defender for Endpoint on macOS.
 
 Exclusion|Definition|Examples
 ---|---|---
@@ -66,15 +66,15 @@ File, folder, and process exclusions support the following wildcards:
 >
 > The product attempts to resolve firm links when evaluating exclusions. Firm link resolution doesn't work when the exclusion contains wildcards or the target file (on the `Data` volume) doesn't exist.
 
-## Best practices for adding antimalware exclusions for Microsoft Defender for Endpoint on macOS.
+## Best practices for adding anti-malware exclusions for Microsoft Defender for Endpoint on macOS
 
 1. Write down why an exclusion was added to a central location where only SecOps and/or Security Administrator have access. For example, list the submitter, date, app name, reason, and exclusion information.
 
 1. Make sure to have an expiration date* for the exclusions
 
    *except for apps that the ISV stated that there's no other tweaking that could be done to prevent the false positive or higher cpu utilization from occurring.
 
-1. Avoid migrating non-Microsoft antimalware exclusions since they might no longer be applicable nor applicable to Microsoft Defender for Endpoint on macOS.
+1. Avoid migrating non-Microsoft anti-malware exclusions since they might no longer be applicable nor applicable to Microsoft Defender for Endpoint on macOS.
 
 1. Order of exclusions to consider top (more secure) to bottom (least secure):
 
@@ -141,7 +141,7 @@ In the following Bash snippet, replace `test.txt` with a file that conforms to y
 curl -o test.txt https://secure.eicar.org/eicar.com.txt
 ```
 
-If Defender for Endpoint on Mac reports malware, then the rule isn't working. If there's no report of malware, and the downloaded file exists, then the exclusion is working. You can open the file to confirm that the contents are the same as what is described on the [EICAR test file website](https://www.eicar.org/download-anti-malware-testfile/).
+If Defender for Endpoint on macOS reports malware, then the rule isn't working. If there's no report of malware, and the downloaded file exists, then the exclusion is working. You can open the file to confirm that the contents are the same as what is described on the [EICAR test file website](https://www.eicar.org/download-anti-malware-testfile/).
 
 If you don't have Internet access, you can create your own EICAR test file. Write the EICAR string to a new text file with the following Bash command:
 
 
@@ -1,5 +1,5 @@
 ---
-title: Troubleshoot agent health issues with Defender for Endpoint on Mac
+title: Troubleshoot agent health issues with Defender for Endpoint on macOS 
 description: Investigate macOS Defender agent health issues
 author: emmwalshh
 ms.author: ewalsh
@@ -10,7 +10,7 @@ audience: ITPro
 ms.service: defender-endpoint
 ms.subservice: macos
 ms.topic: troubleshooting-general
-ms.date: 03/04/2025
+ms.date: 04/16/2025
 ms.collection: 
 - m365-security
 - tier3
@@ -86,8 +86,8 @@ You can run `mdatp health --help` on recent versions to list all supported featu
 
 ## See also
 
-- [What's new in Microsoft Defender for Endpoint on Mac](mac-whatsnew.md)
-- [Microsoft Defender for Endpoint on Mac](microsoft-defender-endpoint-mac.md)
+- [What's new in Microsoft Defender for Endpoint on macOS](mac-whatsnew.md)
+- [Microsoft Defender for Endpoint on macOS](microsoft-defender-endpoint-mac.md)
 
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
 
 
@@ -16,7 +16,7 @@ ms.custom: admindeeplinkDEFENDER
 ms.topic: conceptual
 ms.subservice: macos
 search.appverid: met150
-ms.date: 04/30/2024
+ms.date: 04/16/2025
 ---
 
 # Manual deployment for Microsoft Defender for Endpoint on macOS
@@ -123,9 +123,9 @@ To complete this process, you must have admin privileges on the device.
 
     :::image type="content" source="media/security-privacy-window-updated.png" alt-text="Screenshot that shows the security and privacy window.":::
 
-13. Repeat steps 11 and 12 for all system extensions distributed with Microsoft Defender for Endpoint on Mac.
+13. Repeat steps 11 and 12 for all system extensions distributed with Microsoft Defender for Endpoint on macOS.
 
-14. As part of the Endpoint Detection and Response capabilities, Microsoft Defender for Endpoint on Mac inspects socket traffic and reports this information to the Microsoft Defender portal. When prompted to grant Microsoft Defender for Endpoint permissions to filter network traffic, select **Allow**.
+14. As part of the Endpoint Detection and Response capabilities, Microsoft Defender for Endpoint on macOS inspects socket traffic and reports this information to the Microsoft Defender portal. When prompted to grant Microsoft Defender for Endpoint permissions to filter network traffic, select **Allow**.
 
     :::image type="content" source="media/monterey-install-4.png" alt-text="Screenshot that shows the system extension security preferences2":::
 
@@ -179,7 +179,7 @@ You can view applications permitted to run in background in System Settings => s
 
 :::image type="content" source="media/background-items.png" alt-text="Screenshot that shows background items":::
 
-Make sure all Microsoft Defender and Microsoft Corporation items are enabled. If they are disabled, then macOS won't start Microsoft Defender after a machine restart.
+Make sure all Microsoft Defender and Microsoft Corporation items are enabled. If they're disabled, then macOS won't start Microsoft Defender after a machine restart.
 
 ## Bluetooth permissions
 
@@ -261,15 +261,15 @@ See [Uninstalling](mac-resources.md#uninstalling) for details on how to remove M
 > [!TIP]
 >
 > - Do you want to learn more? Engage with the Microsoft Security community in our Tech Community: [Microsoft Defender for Endpoint Tech Community](https://techcommunity.microsoft.com/t5/microsoft-defender-for-endpoint/bd-p/MicrosoftDefenderATP).
-> - If you have any feedback that you'll like to share, submit it by opening Microsoft Defender Endpoint on Mac on your device and navigate to **Help** \> **Send feedback**.
+> - If you have any feedback that you like to share, submit it by opening Microsoft Defender Endpoint on macOS on your device and navigate to **Help** \> **Send feedback**.
 
 ## Recommended content
 
-- [Learn how to install, configure, update, and use Microsoft Defender for Endpoint on Mac](microsoft-defender-endpoint-mac.md).
+- [Learn how to install, configure, update, and use Microsoft Defender for Endpoint on macOS](microsoft-defender-endpoint-mac.md).
 - [Learn how to set up the Microsoft Defender for Endpoint on macOS policies in Jamf](mac-jamfpro-policies.md).
 - [Learn how to deploy Microsoft Defender for Endpoint on macOS with Jamf Pro](mac-install-with-jamf.md).
 - [Learn how to troubleshoot license issues in Microsoft Defender for Endpoint on Mac](mac-support-license.md).
-- [Learn how to use resources for Microsoft Defender for Endpoint on Mac, including how to uninstall it, how to collect diagnostic logs, CLI commands, and known issues with the product](mac-resources.md).
-- [Learn how to configure Microsoft Defender for Endpoint on Mac in enterprise organizations](mac-preferences.md).
-- [Learn how to install Microsoft Defender for Endpoint on Mac on other management solutions](mac-install-with-other-mdm.md).
+- [Learn how to use resources for Microsoft Defender for Endpoint on macOS, including how to uninstall it, how to collect diagnostic logs, CLI commands, and known issues with the product](mac-resources.md).
+- [Learn how to configure Microsoft Defender for Endpoint on macOS in enterprise organizations](mac-preferences.md).
+- [Learn how to install Microsoft Defender for Endpoint on macOS on other management solutions](mac-install-with-other-mdm.md).
 - [Learn how to detect and block Potentially Unwanted Applications (PUA) using Microsoft Defender for Endpoint on macOS](mac-pua.md).
@@ -1,6 +1,6 @@
 ---
-title: Intune-based deployment for Microsoft Defender for Endpoint on Mac
-description: Install Microsoft Defender for Endpoint on Mac, using Microsoft Intune.
+title: Intune-based deployment for Microsoft Defender for Endpoint on macOS
+description: Install Microsoft Defender for Endpoint on macOS, using Microsoft Intune.
 ms.service: defender-endpoint
 author: emmwalshh
 ms.author: ewalsh
@@ -15,7 +15,7 @@ ms.collection:
 ms.topic: conceptual
 ms.subservice: macos
 search.appverid: met150
-ms.date: 12/02/2024
+ms.date: 04/16/2025
 ---
 
 # Deploy Microsoft Defender for Endpoint on macOS with Microsoft Intune
@@ -35,14 +35,14 @@ Before you get started, see [the main Microsoft Defender for Endpoint on macOS p
 
 ## Overview
 
-The following table summarizes the steps to deploy and manage Microsoft Defender for Endpoint on Macs via Microsoft Intune. See the following table for more detailed steps:
+The following table summarizes the steps to deploy and manage Microsoft Defender for Endpoint on macOS via Microsoft Intune. See the following table for more detailed steps:
 
 |Step |Sample file name  |Bundle identifier  |
 |---------|---------|---------|
 |Approve system extension|`sysext.mobileconfig`|N/A|
 |Network extension policy|`netfilter.mobileconfig`|N/A|
 |Full Disk Access|`fulldisk.mobileconfig`|`com.microsoft.wdav.epsext`|
-|Microsoft Defender for Endpoint configuration settings <br/><br/>If you're planning to run non-Microsoft antivirus on Mac, set `passiveMode` to `true`.|`MDE_MDAV_and_exclusion_settings_Preferences.xml`|`com.microsoft.wdav`|
+|Microsoft Defender for Endpoint configuration settings <br/><br/>If you're planning to run non-Microsoft antivirus on macOS, set `passiveMode` to `true`.|`MDE_MDAV_and_exclusion_settings_Preferences.xml`|`com.microsoft.wdav`|
 |Background services|`background_services.mobileconfig`|N/A|
 |Configure Microsoft Defender for Endpoint notifications|`notif.mobileconfig`|`com.microsoft.wdav.tray`|
 |Accessibility settings|`accessibility.mobileconfig`|`com.microsoft.dlp.daemon`|
@@ -104,7 +104,7 @@ As part of the Endpoint Detection and Response capabilities, Microsoft Defender
 Download [netfilter.mobileconfig](https://raw.githubusercontent.com/microsoft/mdatp-xplat/master/macos/mobileconfig/profiles/netfilter.mobileconfig) from [GitHub repository](https://github.com/microsoft/mdatp-xplat/tree/master/macos/mobileconfig/profiles).
 
 > [!IMPORTANT]
-> Only one `.mobileconfig` (plist) for Network Filter is supported. Adding multiple Network Filters leads to network connectivity issues on Mac. This issue isn't specific to Defender for Endpoint on macOS.
+> Only one `.mobileconfig` (plist) for Network Filter is supported. Adding multiple Network Filters leads to network connectivity issues on macOS. This issue isn't specific to Defender for Endpoint on macOS.
 
 To configure your network filter:
 
@@ -375,7 +375,7 @@ To set Device Control for Microsoft Defender for Endpoint on macOS, follow the s
 
 To set Purview's Data Loss Prevention (DLP) for endpoint on macOS, follow the steps in [Onboard and offboard macOS devices into Compliance solutions using Microsoft Intune](/purview/device-onboarding-offboarding-macos-intune-mde).
 
-### Step 13: Check status of PList (.mobileconfig)
+### Step 13: Check status of PList (.Mobileconfig)
 
 After completing the profile configuration, you'll be able to review the status of the policies.
 
@@ -387,7 +387,7 @@ Once the Intune changes are propagated to the enrolled devices, you can see them
 
 #### Client device setup
 
-A standard [Company Portal installation](/mem/intune/user-help/enroll-your-device-in-intune-macos-cp) is sufficient for a mac device.
+A standard [Company Portal installation](/mem/intune/user-help/enroll-your-device-in-intune-macos-cp) is sufficient for a Mac device.
 
 1. Confirm device management.