Merge branch 'main' into docs-editor/linux-preferences-1724835910

Author: denisebmsft

defender-endpoint/android-intune.md

@@ -93,7 +93,7 @@ Defender for Endpoint on Android supports Android Enterprise enrolled devices.
 
 For more information on the enrollment options supported by Microsoft Intune, see [Enrollment Options](/mem/intune/enrollment/android-enroll).
 
-**Currently, personally owned devices using a work profile and corporate-owned, fully managed user device enrollments are supported for deployment.**
+**Currently, Personally-owned devices with work profile, Corporate-owned devices with work profile, and Corporate-owned fully managed user device enrollments are supported in Android Enterprise.**
 
 ## Add Microsoft Defender for Endpoint on Android as a Managed Google Play app
 
@@ -280,11 +280,11 @@ Android low touch onboarding is disabled by default. Admins can enable it throug
 
 6. Under **Configuration settings**, select `Use Configuration designer`, and then select **Add**.
 
-7. Select **Low touch onboarding and User UPN**. For User UPN, change the value type to `Variable`, and set the configuration value to `User Principal Name`. Enable low-touch onboarding by changing its configuration value to `1`.
-
-    >[!div class="mx-imgBorder"]
-    >![Screenshot showing a low touch onboarding configuration policy.](media/low-touch-user-upn.png)
+1. Select **Low touch onboarding and User UPN**. For User UPN, change the value type to `Variable`, and set the configuration value to `User Principal Name`. Enable low-touch onboarding by changing its configuration value to `1`.
 
+      > [!div class="mx-imgBorder"]
+   > ![Screenshot showing a low touch onboarding configuration policy.](media/low-touch-user-upn.png)
+   
 8. Assign the policy to the target user group.
 
 9. Review and create the policy.
@@ -297,29 +297,29 @@ Admins can go to the [Microsoft Endpoint Management admin center](https://intune
 
 1. Go to **Apps> App configuration policies** and click on **Add**. Select **Managed Devices**.
 
-    > [!div class="mx-imgBorder"]
-    > ![Image of adding app configuration policy.](media/addpolicy.png)
-
-2. Enter **Name** and **Description** to uniquely identify the configuration policy. Select platform as **'Android Enterprise'**, Profile type as **'Personally-owned work profile only'** and Targeted app as **'Microsoft Defender'**.
-
-    > [!div class="mx-imgBorder"]
-    > ![Image of naming configuration policy.](media/selectapp.png)
-
-3. On the settings page, in **'Configuration settings format'**, select **'Use configuration designer'** and click on **Add**. From the list of configurations that are displayed, select **'Microsoft Defender in Personal profile'**.
-
-    > [!div class="mx-imgBorder"]
-    > ![Image of configuring personal profile.](media/addconfiguration.png)
-
-4. The selected configuration will be listed. Change the **configuration value to 1** to enable Microsoft Defender support personal profiles. A notification will appear informing the admin about the same. Click on **Next**.
+      > [!div class="mx-imgBorder"]
+   > ![Image of adding app configuration policy.](media/addpolicy.png)
+   
+1. Enter **Name** and **Description** to uniquely identify the configuration policy. Select platform as **'Android Enterprise'**, Profile type as **'Personally-owned work profile only'** and Targeted app as **'Microsoft Defender'**.
 
-    > [!div class="mx-imgBorder"]
-    > ![Image of changing config value.](media/changeconfigvalue.png)
+      > [!div class="mx-imgBorder"]
+   > ![Image of naming configuration policy.](media/selectapp.png)
+   
+1. On the settings page, in **'Configuration settings format'**, select **'Use configuration designer'** and click on **Add**. From the list of configurations that are displayed, select **'Microsoft Defender in Personal profile'**.
 
-5. **Assign** the configuration policy to a group of users. **Review and create** the policy.
+      > [!div class="mx-imgBorder"]
+   > ![Image of configuring personal profile.](media/addconfiguration.png)
+   
+1. The selected configuration will be listed. Change the **configuration value to 1** to enable Microsoft Defender support personal profiles. A notification will appear informing the admin about the same. Click on **Next**.
 
-    > [!div class="mx-imgBorder"]
-    > ![Image of reviewing and creating policy.](media/savepolicy.png)
+      > [!div class="mx-imgBorder"]
+   > ![Image of changing config value.](media/changeconfigvalue.png)
+   
+1. **Assign** the configuration policy to a group of users. **Review and create** the policy.
 
+      > [!div class="mx-imgBorder"]
+   > ![Image of reviewing and creating policy.](media/savepolicy.png)
+   
 Admins also can set up **privacy controls** from the Microsoft Intune admin center to control what data can be sent by the Defender mobile client to the security portal. For more information, see [configuring privacy controls](android-configure.md).
 
 Organizations can communicate to their users to protect Personal profile with Microsoft Defender on their enrolled BYOD devices.

defender-endpoint/configure-proxy-internet.md

@@ -132,7 +132,7 @@ Configure the static proxy using the Group Policy available in Administrative Te
 >
 > For resiliency purposes and the real-time nature of cloud-delivered protection, Microsoft Defender Antivirus caches the last known working proxy. Ensure your proxy solution does not perform SSL inspection, as that breaks the secure cloud connection.
 >
-> Microsoft Defender Antivirus doesn't use the static proxy to connect to Windows Update or Microsoft Update for downloading updates. Instead, it uses a system-wide proxy if configured to use Windows Update, or the configured internal update source according to the [configured fallback order](manage-protection-updates-microsoft-defender-antivirus.md). If necessary, you can use **Administrative Templates > Windows Components > Microsoft Defender Antivirus > Define proxy auto-config (.pac)** for connecting to the network. If you need to set up advanced configurations with multiple proxies, use **Administrative Templates > Windows Components > Microsoft Defender Antivirus > Define addresses** to bypass proxy server and prevent Microsoft Defender Antivirus from using a proxy server for those destinations.
+> Microsoft Defender Antivirus doesn't use the static proxy to connect to Windows Update or Microsoft Update for downloading updates. Instead, it uses a system-wide proxy if configured to use Windows Update, or the configured internal update source according to the [configured fallback order](manage-protection-updates-microsoft-defender-antivirus.md). If necessary, you can use **Administrative Templates > Windows Components > Microsoft Defender Antivirus > Define proxy auto-config (.pac)** for connecting to the network. If you need to set up advanced configurations with multiple proxies, use **Administrative Templates > Windows Components > Microsoft Defender Antivirus > Define addresses to bypass proxy server** and prevent Microsoft Defender Antivirus from using a proxy server for those destinations.
 > 
 > You can use PowerShell with the `Set-MpPreference` cmdlet to configure these options: 
 >    - `ProxyBypass`

defender-endpoint/device-control-overview.md

@@ -4,7 +4,7 @@ description: Get an overview of device control, including removable storage acce
 author: siosulli
 ms.author: siosulli
 manager: deniseb
-ms.date: 08/27/2024
+ms.date: 08/28/2024
 ms.topic: overview
 ms.service: defender-endpoint
 ms.subservice: asr
@@ -57,7 +57,6 @@ Device control capabilities from Microsoft can be organized into three main cate
 
 - **Device control in Defender for Endpoint**. Device control in Defender for Endpoint provides more advanced capabilities and is cross platform.
   - Granular access control - create policies to control access by device, device type, operation (read, write, execute), user group, network location, or file type.
-  - File evidence - store the file information and contents to audit files copied or accessed on devices.
   - Reporting and advanced hunting - complete visibility into add device related activities.
   - Device control in Microsoft Defender can be managed using Intune or [Group Policy](device-control-deploy-manage-gpo.md).
   - **Device control in Microsoft Defender and Intune**. Intune provides a rich experience for managing complex device control policies for organizations. You can configure and deploy device restriction settings in Defender for Endpoint, for example. See [Deploy and manage device control with Microsoft Intune](device-control-deploy-manage-intune.md).

defender-office-365/create-safe-sender-lists-in-office-365.md

@@ -18,7 +18,7 @@ ms.custom:
   - seo-marvel-apr2020
 description: Admins can learn about the available and preferred options to allow inbound messages in Exchange Online Protection (EOP).
 ms.service: defender-office-365
-ms.date: 06/10/2024
+ms.date: 08/27/2024
 appliesto:
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/eop-about" target="_blank">Exchange Online Protection</a>
   - ✅ <a href="https://learn.microsoft.com/defender-office-365/mdo-about#defender-for-office-365-plan-1-vs-plan-2-cheat-sheet" target="_blank">Microsoft Defender for Office 365 Plan 1 and Plan 2</a>
@@ -120,7 +120,7 @@ When messages skip spam filtering due to entries in a user's Safe Senders list,
 
 - In Exchange Online, whether entries in the Safe Senders list work or don't work depends on the verdict and action in the policy that identified the message:
   - **Move messages to Junk Email folder**: Domain entries and sender email address entries are honored. Messages from those senders aren't moved to the Junk Email folder.
-  - **Quarantine**: Domain entries aren't honored (messages from those senders are quarantined). Email address entries are honored (messages from those senders aren't quarantined) if either of the following statements are true:
+  - **Quarantine**: Domain entries and email address entries are honored (messages from those senders aren't quarantined) if either of the following statements are true:
     - The message isn't identified as malware or high confidence phishing (malware and high confidence phishing messages are quarantined).
     - The email address isn't also in a block entry in the [Tenant Allow/Block List](tenant-allow-block-list-email-spoof-configure.md#create-block-entries-for-domains-and-email-addresses).
 - Entries for blocked senders and blocked domains are honored (messages from those senders are moved to the Junk Email folder). Safe mailing list settings are ignored.