Category | Microsoft Docs article | Related commit history on GitHub | Change details |
---|---|---|---|
includes | Copilot Content Updates | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/copilot/includes/copilot-content-updates.md | -## Week of February 12, 2024 ---| Published On |Topic title | Change | -|||--| -| 2/13/2024 | [Microsoft Copilot for Microsoft 365 documentation # < 60 chars](/microsoft-365-copilot/index) | modified | ---## Week of January 29, 2024 +## Week of February 26, 2024 | Published On |Topic title | Change | |||--|-| 2/2/2024 | [Microsoft Copilot for Microsoft 365 requirements](/microsoft-365-copilot/microsoft-365-copilot-requirements) | modified | +| 2/29/2024 | [Get started with Microsoft Copilot for Microsoft 365](/microsoft-365-copilot/microsoft-365-copilot-setup) | modified | -## Week of January 22, 2024 +## Week of February 12, 2024 | Published On |Topic title | Change | |||--|-| 1/23/2024 | [Data, Privacy, and Security for Microsoft Copilot for Microsoft 365](/microsoft-365-copilot/microsoft-365-copilot-privacy) | modified | -| 1/24/2024 | [Manage access to web content in Microsoft Copilot for Microsoft 365 responses](/microsoft-365-copilot/manage-public-web-access) | modified | +| 2/13/2024 | [Microsoft Copilot for Microsoft 365 documentation # < 60 chars](/microsoft-365-copilot/index) | modified | -## Week of January 15, 2024 +## Week of January 29, 2024 | Published On |Topic title | Change | |||--|-| 1/15/2024 | [Microsoft Copilot for Microsoft 365 overview](/microsoft-365-copilot/microsoft-365-copilot-overview) | modified | -| 1/15/2024 | [Microsoft Copilot for Microsoft 365 requirements](/microsoft-365-copilot/microsoft-365-copilot-requirements) | modified | -| 1/15/2024 | [Get started with Microsoft Copilot for Microsoft 365](/microsoft-365-copilot/microsoft-365-copilot-setup) | modified | -| 1/16/2024 | [Microsoft Copilot for Microsoft 365 overview](/microsoft-365-copilot/microsoft-365-copilot-overview) | modified | -| 1/16/2024 | [Microsoft Copilot for Microsoft 365 requirements](/microsoft-365-copilot/microsoft-365-copilot-requirements) | modified | -| 1/16/2024 | [Data, Privacy, and Security for Microsoft Copilot for Microsoft 365](/microsoft-365-copilot/microsoft-365-copilot-privacy) | modified | -| 1/16/2024 | [Microsoft Copilot for Microsoft 365 documentation # < 60 chars](/microsoft-365-copilot/index) | modified | +| 2/2/2024 | [Microsoft Copilot for Microsoft 365 requirements](/microsoft-365-copilot/microsoft-365-copilot-requirements) | modified | |
manage-public-web-access | Manage Public Web Access | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/copilot/manage-public-web-access.md | description: "Learn how to manage Microsoft Copilot for Microsoft 365 access to Microsoft Copilot for Microsoft 365 combines the power of large language models (LLMs) with your organization’s data – all in the flow of work – to turn your words into one of the most powerful productivity tools on the planet. Copilot can provide summaries of chats, messages, and meetings, answer business questions, and generate content. For more information, see [How Microsoft Copilot for Microsoft 365 works](https://www.youtube.com/watch?v=B2-8wrF9Okc). -As your organization’s Microsoft 365 admin, you can turn off Copilot’s ability to access and include web content when it responds to your users’ prompts. For more information on how this control impacts data, privacy, and security within Microsoft Copilot for Microsoft 365, see [Data, Privacy, and Security for Microsoft Copilot for Microsoft 365](microsoft-365-copilot-privacy.md#microsoft-copilot-for-microsoft-365-and-web-content). +As your organization’s Microsoft 365 admin, you can turn off Copilot’s ability to access and include web content when it responds to your users’ prompts. For more information on how this control impacts data, privacy, and security within Microsoft Copilot for Microsoft 365, see [Data, Privacy, and Security for Microsoft Copilot for Microsoft 365](microsoft-365-copilot-privacy.md#microsoft-copilot-for-microsoft-365-and-the-web-content-plugin). ## Before you begin |
microsoft-365-copilot-privacy | Microsoft 365 Copilot Privacy | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/copilot/microsoft-365-copilot-privacy.md | ms.localizationpriority: medium description: "Learn how Microsoft Copilot for Microsoft 365 uses data and how it stores and protects that data." hideEdit: true Previously updated : 03/01/2024 Last updated : 03/04/2024 # Data, Privacy, and Security for Microsoft Copilot for Microsoft 365 The information in this article is intended to help provide answers to the follo - [How does Microsoft Copilot for Microsoft 365 protect organizational information and data?](#how-does-microsoft-copilot-for-microsoft-365-protect-organizational-data) - [What data is stored about user interactions with Microsoft Copilot for Microsoft 365?](#data-stored-about-user-interactions-with-microsoft-copilot-for-microsoft-365) - [What data residency commitments does Microsoft Copilot make?](#microsoft-copilot-for-microsoft-365-and-data-residency)-- [Can Microsoft Copilot for Microsoft 365 use web content in its responses?](#microsoft-copilot-for-microsoft-365-and-web-content)+- [Can Microsoft Copilot for Microsoft 365 use web content in its responses?](#microsoft-copilot-for-microsoft-365-and-the-web-content-plugin) - [What extensibility options are available for Microsoft Copilot for Microsoft 365](#extensibility-of-microsoft-copilot-for-microsoft-365) - [How does Microsoft Copilot for Microsoft 365 meet regulatory compliance requirements?](#meeting-regulatory-compliance-requirements) - [Do controls for connected experiences in Microsoft 365 Apps apply to Microsoft Copilot for Microsoft 365?](#microsoft-copilot-for-microsoft-365-and-policy-settings-for-connected-experiences) When you enter prompts using Microsoft Copilot for Microsoft 365, the informatio > [!NOTE] > When using Microsoft Copilot for Microsoft 365, your organizationΓÇÖs data might leave the Microsoft 365 service boundary under the following circumstances: >-> - When you allow Microsoft Copilot with Graph-grounded chat to reference web content. The query sent to Bing might include your organizationΓÇÖs data. For more information, see [Microsoft Copilot for Microsoft 365 and web content](#microsoft-copilot-for-microsoft-365-and-web-content). > - When youΓÇÖre using plugins to help Microsoft Copilot for Microsoft 365 to provide more relevant information. Check the privacy statement and terms of use of the plugin to determine how it will handle your organizationΓÇÖs data. For information, see [Extensibility of Microsoft Copilot for Microsoft 365](#extensibility-of-microsoft-copilot-for-microsoft-365).+> - When youΓÇÖre using the web content plugin to enhance chat answers, Copilot for Microsoft 365 will generate a search query that is sent to Bing for the latest information from the web. For more information, [Microsoft Copilot for Microsoft 365 and the web content plugin](#microsoft-copilot-for-microsoft-365-and-the-web-content-plugin). Abuse monitoring for Microsoft Copilot for Microsoft 365 occurs in real-time, without providing Microsoft any standing access to customer data, either for human or for automated review. While abuse moderation, which includes human review of content, is available in Azure OpenAI, Microsoft Copilot for Microsoft 365 services have opted out of it. Microsoft 365 data isnΓÇÖt collected or stored by Azure OpenAI. For European Union (EU) users, we have additional safeguards to comply with the ## Microsoft Copilot for Microsoft 365 and data residency -Copilot for Microsoft 365 is upholding data residency commitments as outlined in the Microsoft Product Terms and Data Protection Addendum. Copilot will be added as a covered workload in the data residency commitments in Microsoft Product Terms later in 2024. +Copilot for Microsoft 365 is upholding data residency commitments as outlined in the Microsoft Product Terms and Data Protection Addendum. Copilot for Microsoft 365 was added as a covered workload in the data residency commitments in Microsoft Product Terms on March 1, 2024. -Microsoft [Advanced Data Residency (ADR)](/microsoft-365/enterprise/advanced-data-residency) and [Multi-Geo Capabilities](/microsoft-365/enterprise/microsoft-365-multi-geo) offerings will include data residency commitments for Copilot for Microsoft 365 customers later in 2024. For EU customers, Copilot for Microsoft 365 is an EU Data Boundary service. Customers outside the EU may have their queries processed in the US, EU, or other regions. +Microsoft [Advanced Data Residency (ADR)](/microsoft-365/enterprise/advanced-data-residency) and [Multi-Geo Capabilities](/microsoft-365/enterprise/microsoft-365-multi-geo) offerings include data residency commitments for Copilot for Microsoft 365 customers as of March 1, 2024. For EU customers, Copilot for Microsoft 365 is an EU Data Boundary service. Customers outside the EU may have their queries processed in the US, EU, or other regions. -## Microsoft Copilot for Microsoft 365 and web content +## Microsoft Copilot for Microsoft 365 and the web content plugin -Microsoft Copilot with Graph-grounded chat can reference web content from the Bing search index to ground user prompts and responses. Based on the userΓÇÖs prompt, Copilot for Microsoft 365 determines whether it needs to use Bing to query web content to help provide a relevant response to the user. There are [controls available to manage the use of web content](#controls-available-to-manage-the-use-of-web-content) for both admins and users. +Copilot for Microsoft 365 has the option to enhance chat answers with the latest information from the web. When the web content plugin is enabled, Copilot may fetch information from the Bing search index when Copilot determines that information from the web will help provide a better, more grounded response. -### Details on how web grounding works +Admin controls and user-level toggle are available to [manage whether the web content plugin is enabled](#controls-available-to-manage-the-use-of-web-content) in your environment. -When web grounding is enabled, Copilot for Microsoft 365 may automatically generate a web search query, if Copilot for Microsoft 365 determines that web data can improve the quality of the response. The search query is based on the userΓÇÖs prompt, Copilot interaction history, and relevant data the user has access to in Microsoft 365. This web search query might be displayed to the user after the prompt is entered. For example, the user might see the phrase "searching for..." followed by the search query. The query is passed to the [Bing Search API](/bing/search-apis/bing-web-search/overview), which is part of the Bing Search service, to retrieve information from the web to ground a response. +### How the web content plugin works -Once web data is received, Copilot for Microsoft 365 passes the web data to the LLM to generate a richer response by including the latest information from the web and any relevant citations. In this process, the user's prompts and Copilot's responses remain within the Microsoft 365 service boundary. Only the search query, which is abstracted from the user's prompt and grounding data, goes to the Bing Search API outside the boundary. Queries sent to the Bing Search API by Copilot for Microsoft 365 are disassociated from the user ID or tenant ID. Web search queries might not contain all the words from a user's prompt. They're generally based off a few terms used to find relevant information on the web. However, they may still include some confidential data, depending on what the user included in the prompt. +When the web content plugin is enabled in chat, Copilot for Microsoft 365 parses the userΓÇÖs prompt and identifies terms where web grounding could improve the quality of the response. Based on these terms, Copilot generates a search query that is sent to the [Bing Search API](/bing/search-apis/bing-web-search/overview) asking for more information. This search query is different from the userΓÇÖs promptΓÇöit usually consists of a few words informed by the userΓÇÖs prompt and/or Microsoft 365 data. It doesn't automatically include the entirety of Microsoft 365 documents associated with the prompt. -Microsoft Bing is a separate business from Microsoft 365 and data is managed independently of Microsoft 365. The use of Bing is covered by the [Microsoft Services Agreement](https://www.microsoft.com/servicesagreement) between each user and Microsoft, together with the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). The [Microsoft Products and Services Data Protection Addendum (DPA)](https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA) doesnΓÇÖt apply to the use of Bing. +The following table provides an example of a user's prompt, the search queries sent, and Copilot's response. +++|Entity |Text | +||| +|Prompt (as written by the user) |We're considering a possible acquisition of Fabrikam. Help me put together a 200-word summary report of publicly available financial information on the company, including their business strategy. | +|Search queries (generated by Copilot and sent to the Bing search API) |Fabrikam strategy <br/> Fabrikam financials | +|Response (generated by Copilot) | Fabrikam is a CPG startup that offers healthier food alternatives but with the same familiar taste as traditional brands. The company gathered $4.5 million in seed funding in 2019 and raised $31.5 million in a series B funding round in 2022. As of January 2023, Fabrikam raised a total of $83.4 million in funding and is on target to more than double its sales this year. <br/><br/> As the pandemic hit, Fabrikam faced the challenge of pivoting from brick-and-mortar stores to online sales, and thatΓÇÖs where their influencer marketing strategy came into play. Instead of relying on in-store events and promotions, Fabrikam turned to social media and influencer partnerships to build brand awareness and reach a wider audience. The company also approached innovation from a genuine angle, balancing traditional consumption drivers with better-for-you offerings and having a holistic, robust distribution strategy.<br/><br/>In summary, Fabrikam has raised over $55 million in funding and has a strong influencer marketing strategy that has helped them pivot to online sales during the pandemic. | ++In this example, only the two search queries are sent to the Bing Search API. After the user enters their prompt, the chat experience will display any queries being generated and sent to Bing. The user's prompts and Copilot's responses are stored within Microsoft 365. Search queries sent to the Bing Search API by Copilot for Microsoft 365 are disassociated from the user ID and tenant ID. ++The Bing Search API is provided by Bing.com, which operates separately from Microsoft 365 and has different data-handling practices. The use of Bing is covered by the [Microsoft Services Agreement](https://www.microsoft.com/servicesagreement) between each user and Microsoft, together with the [Microsoft Privacy Statement](https://privacy.microsoft.com/privacystatement). The [Microsoft Products and Services Data Protection Addendum (DPA)](https://www.microsoft.com/licensing/docs/view/Microsoft-Products-and-Services-Data-Protection-Addendum-DPA) doesnΓÇÖt apply to the use of web content plugin or the Bing Search API. ### Controls available to manage the use of web content -Admins can prevent their users from referencing web content in their requests. For more information, see [Manage access to web content in Microsoft Copilot for Microsoft 365 responses](/microsoft-365-copilot/manage-public-web-access). Even when allowed by the admin, users still have the option whether or not they want to reference web content in their requests. For more information, see [Use additional data sources with Microsoft 365 Copilot](https://support.microsoft.com/topic/b41e679a-ee19-4a8d-ab5c-ebd00ff46d71). +Admins can block access to web content in Copilot for Microsoft 365. For more information, see [Manage access to web content in Microsoft Copilot for Microsoft 365 responses](/microsoft-365-copilot/manage-public-web-access). Even when allowed by the admin, users still have the option whether or not they want to use the web plugin. For more information, see [Use additional data sources with Microsoft 365 Copilot](https://support.microsoft.com/topic/b41e679a-ee19-4a8d-ab5c-ebd00ff46d71). > [!NOTE] > The policy settings that control the use of optional connected experiences in Microsoft 365 Apps donΓÇÖt apply to Microsoft Copilot for Microsoft 365 and web content. |
includes | Defender Content Updates | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/defender/includes/defender-content-updates.md | -## Week of December 04, 2023 +## Week of February 26, 2024 | Published On |Topic title | Change | |||--|-| 12/4/2023 | [Microsoft Security Copilot and Microsoft Defender Threat Intelligence](/defender/threat-intelligence/security-copilot-and-defender-threat-intelligence) | modified | ---## Week of November 13, 2023 ---| Published On |Topic title | Change | -|||--| -| 11/17/2023 | [Microsoft Security Copilot and Microsoft Defender Threat Intelligence](/defender/threat-intelligence/security-copilot-and-defender-threat-intelligence) | added | +| 3/1/2024 | [Microsoft Security Copilot and Microsoft Defender Threat Intelligence](/defender/threat-intelligence/security-copilot-and-defender-threat-intelligence) | modified | |
admin | Select Domain To Use For Email From Microsoft 365 Products | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/email/select-domain-to-use-for-email-from-microsoft-365-products.md | f1.keywords: Previously updated : 03/15/2023 Last updated : 03/04/2024 audience: Admin description: "Let Microsoft send notification messages from an email address wit # Select the domain to use for email from Microsoft 365 products -<b>In this article</b>: +**In this article**: + - [Configure the "Send email notifications from your domain" setting](#configure-the-send-email-notifications-from-your-domain-setting) - [Supported Products](#supported-products) - [Excluded Scenarios](#excluded-scenarios) -Emails sent out to users as they interact with each other and across various products within Microsoft 365 are designed to provide insights and information about their organization. These emails are typically sent out between users based on those interactions, which means that they're often sent from the userΓÇÖs email address. Those emails will remain unchanged and will continue to work as they do today. +Emails sent out to users as they interact with each other and across various products within Microsoft 365 are designed to provide insights and information about their organization. These emails are typically sent out between users based on those interactions, which means that they're often sent from the userΓÇÖs email address. Those emails remain unchanged and continue to work as they do today. -There are several scenarios where emails are sent from a ΓÇ£no-replyΓÇ¥ system-based product account. For example, batched comments, news, digests, and system notification emails are currently sent from a no-reply product address. These include addresses such no-reply@sharepointonline.com, no-reply@planner.com, no-reply@project.com. +There are several scenarios where emails are sent from a ΓÇ£no-replyΓÇ¥ system-based product account. For example, batched comments, news, digests, and system notification emails are currently sent from a no-reply product address. These include addresses such _no-reply@sharepointonline.com_, _no-reply@planner.com_, _no-reply@project.com_. -The default option is that users receive no-reply emails sent by Microsoft on behalf of your organization, which users receive as [EXTERNAL] notifications. You now have the option to use a custom domain as the sender of these notifications. Using this feature means that emails will now be sent from your own Exchange Online instance and they become internal communication. For example, **no-reply@sharepointonline.com [External]** could become **no-reply@contoso.com**, if **Contoso.com** is the domain that has been selected. +The default option is that users receive no-reply emails sent by Microsoft on behalf of your organization. Your users receive these emails as [EXTERNAL] notifications. You can now use a custom domain as the sender of these notifications. Using this feature means that emails are sent from your own Exchange Online instance and they become internal communication. For example, **no-reply@sharepointonline.com [External]** could become **no-reply@contoso.com**, if **Contoso.com** is the selected domain. > [!NOTE]-> Only domains registered within your tenant can be used and ownership must be verified through the existing add domains process within Microsoft 365. Please follow the steps below and note the DNS records required when configuring a domain for sending email. +> Only domains registered within your tenant can be used and ownership must be verified through the existing add domains process within Microsoft 365. Please use the following steps and note the Domain Name System (DNS) records required when configuring a domain for sending email. -## <a name="configsetting">Configure the "Send email notifications from your domain" setting</a> +<a name="configsetting"></a> +## Configure the "Send email notifications from your domain" setting -The setting is available via the Microsoft 365 Admin Center **Settings** menu item. Select **Settings**, select **Org settings**, and then select the **Organization profile** tab as illustrated below. +The setting is available via the Microsoft 365 Admin Center **Settings** menu item. Select **Settings**, select **Org settings**, and then select the **Organization profile** tab as illustrated. :::image type="content" alt-text="Org Settings - Send email notifications setting" source="../../media/send-email-notifications-org-settings.png" lightbox="../../media/send-email-notifications-org-settings.png"::: > [!NOTE]-> - This setting is an opt-in setting which allows the Microsoft 365 system administrators to select a verified domain within the tenant. This means that the domain has been validated for ownership. -> - The recommendation is to use a domain that has the appropriate DNS records to facilitate email validation, like SPF, DKIM, DMARC, and MX as this then complies with the [RFC compliance](https://www.ietf.org/rfc/rfc2142.txt) for sending and receiving email. Please see [Learn more about Exchange Online Email Routing](/exchange/mail-flow-best-practices/mail-flow-best-practices) for more information. -> - Please ensure that you comply with all privacy, compliance and security requirements and policies within your organization. +> - This setting is an opt-in setting that allows the Microsoft 365 system administrators to select a verified domain within the tenant. This means that the domain has been validated for ownership. +> - The recommendation is to use a domain that has the appropriate DNS records to facilitate email validation, like SPF, DKIM, DMARC, and MX as this then complies with the [RFC compliance](https://www.ietf.org/rfc/rfc2142.txt) for sending and receiving email. For more information, see [Learn more about Exchange Online Email Routing](/exchange/mail-flow-best-practices/mail-flow-best-practices). +> - Please ensure you comply with all privacy, compliance, and security requirements and policies within your organization. **To configure the "Send email notifications from your domain" setting:** The setting is available via the Microsoft 365 Admin Center **Settings** menu it 5. In the **Send email notifications from your domain** page, select **Use a custom send-from domain address**. 6. The **Domains** menu, select the domain that you want to use for your email replies.The domains listed in the menu includes verified complete and incomplete domains as Microsoft 365 allows DNS settings to be configured and managed outside of the tenant. Your System or Exchange administrator must ensure that they follow and meet all DNS and domain requirements. 7. For **Custom username**, administrators can optionally configure the no-reply prefix. They could then create a matching email address in Exchange, if they would like to monitor responses from users.-8. Select **Save**. Changes will take a few minutes to complete. +8. Select **Save**. Changes will take a few minutes to complete. > [!NOTE]-> If you make a mistake or would like to roll-back the change, de-select the **Use a custom send-from domain address** checkbox and then select **Save**. The setting will revert to the original configuration. +> If you make a mistake or would like to roll-back the change, deselect the **Use a custom send-from domain address** checkbox and then select **Save**. The setting will revert to the original configuration. -## <a name="supportedproducts">Supported Products</a> +<a name="supportedproducts"></a> +## Supported products Please note that the following products currently support this feature: - SharePoint Online Please note that the following products currently support this feature: - Viva Pulse - Viva Topics - Viva Amplify-- Teams (Pending production rollout - Updates via Message Center Post MC705761 and Roadmap ID 375694)+- Teams > [!NOTE] > The supported products list will be updated as each product migrates to support the setting and no action will be required as these products onboard to the centralized setting. -## <a name="excludedscenarios">Excluded Scenarios</a> -One Time Passcodes (OTP) generated from sharing within OneDrive and SharePoint Online will continue to use no-reply@notify.microsoft.com. These are secure emails generated by Microsoft and utilize this trusted sender address to ensure delivery of these emails. +<a name="excludedscenarios"></a> +## Excluded Scenarios +One Time Passcodes (OTP) generated from sharing within OneDrive and SharePoint Online will continue to use _no-reply@notify.microsoft.com_. These are secure emails generated by Microsoft and utilize this trusted sender address to ensure delivery of these emails. |
admin | Buy A Domain Name | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/admin/get-help-with-domains/buy-a-domain-name.md | Check out all of our small business content on [Small business help & learning]( You can choose from the following top-level domains for your domain. - .biz+ +- .cloud - .com You can choose from the following top-level domains for your domain. - .co.uk - org.uk--- .cloud > [!NOTE] |
bookings | Comparison Chart | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/bookings/comparison-chart.md | ms.localizationpriority: medium - Tier1 - scotvorg-- eessentials-get-started+- essentials-get-started ms.assetid: d586eb28-b752-4c46-bf92-00a0c5ad781d description: "A comparison chart that shows the feature differences between the Bookings web app and the Bookings Teams app." |
commerce | Manage Self Service Signup Subscriptions | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/manage-self-service-signup-subscriptions.md | Self-service sign-up subscriptions are free and are available for a larger list ## Block users from signing up -You use the [**Update-MgPolicyAuthorizationPolicy**](/powershell/module/msonline/set-msolcompanysettings?preserve-view=true&view=azureadps-1.0) cmdlet with the **AllowAdHocSubscriptions** parameter to control whether users can sign up for self-service sign-up subscriptions. For more information, see [How do I control self-service settings?](/azure/active-directory/users-groups-roles/directory-self-service-signup#how-do-i-control-self-service-settings) +You use the [**Update-MgPolicyAuthorizationPolicy**](/powershell/module/microsoft.graph.identity.signins/update-mgpolicyauthorizationpolicy?view=graph-powershell-1.0&preserve-view=true) cmdlet with the **AllowedToSignUpEmailBasedSubscriptions** parameter to control whether users can sign up for self-service sign-up subscriptions. For more information, see [How do I control self-service settings?](/azure/active-directory/users-groups-roles/directory-self-service-signup#how-do-i-control-self-service-settings) ## Delete a self-service sign-up subscription |
enterprise | Configure User Account Properties With Microsoft 365 Powershell | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/configure-user-account-properties-with-microsoft-365-powershell.md | Title: "Configure Microsoft 365 user account properties with PowerShell" Previously updated : 12/19/2023 Last updated : 02/28/2024 audience: Admin + - azure-ad-ref-level-one-done ms.assetid: 30813f8d-b08d-444b-98c1-53df7c29b4d7 description: "Use PowerShell for Microsoft 365 to configure properties of individual or multiple user accounts in your Microsoft 365 tenant." description: "Use PowerShell for Microsoft 365 to configure properties of indivi You can use the <a href="https://go.microsoft.com/fwlink/p/?linkid=2024339" target="_blank">Microsoft 365 admin center</a> to configure properties for the user accounts of your Microsoft 365 tenant. In PowerShell, you can also do this, plus some other things you can't do in the admin center. -## Use the Azure Active Directory PowerShell for Graph module +## Configure Microsoft 365 user account properties with Microsoft Graph PowerShell -To configure properties for user accounts in the Azure Active Directory PowerShell for Graph module, use the [**Set-AzureADUser**](/powershell/module/azuread/set-azureaduser) cmdlet and specify the properties to set or change. +>[!NOTE] +> The Azure Active Directory module is being replaced by the Microsoft Graph PowerShell SDK. You can use the Microsoft Graph PowerShell SDK to access all Microsoft Graph APIs. For more information, see [Get started with the Microsoft Graph PowerShell SDK](/powershell/microsoftgraph/get-started). -First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-azure-active-directory-powershell-for-graph-module). +First, use a **Microsoft Entra DC admin**, **Cloud Application Admin**, or **Global admin** account to [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md). The cmdlets in this article require the permission scope **User.ReadWrite.All** or one of the other permissions listed in the ['List subscribedSkus' Graph API reference page](/graph/api/subscribedsku-list). Some commands in this article may require different permission scopes, in which case this will be noted in the relevant section. ++```powershell +Connect-MgGraph -Scopes "User.ReadWrite.All" +``` ### Change properties for a specific user account You identify the account with the *-ObjectID* parameter and set or change specif This is the ISO 3166-1 alpha-2 (A2) two-letter country or region code. -For additional parameters, see [Set-AzureADUser](/powershell/module/azuread/set-azureaduser). - > [!NOTE] > Before you can assign licenses to a user account, you must assign a usage location. To display the User Principal Name (UPN) for your user accounts, run the following command. ```powershell-Get-AzureADUser | Sort UserPrincipalName | Select UserPrincipalName | More +Get-MgUser -All | Sort-Object UserPrincipalName | Select-Object UserPrincipalName | More ``` This command instructs PowerShell to: -1. Get all the information on the user accounts (**Get-AzureADUser**) and send it to the next command (**|**). +1. Get all the information on the user accounts (**Get-MgUser**) and send it to the next command (**|**). 1. Sort the list of UPNs alphabetically (**Sort UserPrincipalName**) and send it to the next command (**|**). To display the UPN for an account based on its display name (first and last name ```powershell $userName="<Display name>"-Write-Host (Get-AzureADUser | where {$_.DisplayName -eq $userName}).UserPrincipalName +Write-Host (Get-MgUser -All | where {$_.DisplayName -eq $userName}).UserPrincipalName ``` This example displays the UPN for the user account that has the display name *Caleb Sills*. ```powershell $userName="Caleb Sills"-Write-Host (Get-AzureADUser | where {$_.DisplayName -eq $userName}).UserPrincipalName +Write-Host (Get-MgUser -All | where {$_.DisplayName -eq $userName}).UserPrincipalName ``` By using a *$upn* variable, you can make changes to individual accounts based on their display name. Here's an example that sets *Belinda Newman*'s usage location to France. But it specifies her display name rather than her UPN: ```powershell $userName="Belinda Newman"-$upn=(Get-AzureADUser | where {$_.DisplayName -eq $userName}).UserPrincipalName -Set-AzureADUser -ObjectID $upn -UsageLocation FR +$upn=(Get-MgUser | where {$_.DisplayName -eq $userName}).UserPrincipalName +Update-MgUser -UserId $upn -UsageLocation "FR" ``` ### Change properties for all user accounts -To change properties for all users, you can use a combination of the **Get-AzureADUser** and **Set-AzureADUser** cmdlets. The following example changes the usage location for all users to *France*: +To change properties for all users, you can use a combination of the **Get-MgUser** and **Update-MgUser** cmdlets. The following example changes the usage location for all users to *France*: ```powershell-Get-AzureADUser -All $true | Set-AzureADUser -UsageLocation FR +Get-MgUser | ForEach-Object { Update-MgUser -UserId $_.Id -UsageLocation "FR" } ``` This command instructs PowerShell to: -1. Get all of the information on the user accounts (**Get-AzureADUser**) and send it to the next command (**|**). +1. Get all of the information on the user accounts (**Get-MgUser**) and send it to the next command (**|**). -1. Set the user location to France (**Set-AzureADUser -UsageLocation FR**). +1. Set the user location to France (**Update-MgUser -UsageLocation FR**). ### Change properties for a specific set of user accounts -To change properties for a specific set of user accounts, you can use a combination of the **Get-AzureADUser**, **Where**, and **Set-AzureADUser** cmdlets. The following example changes the usage location for all the users in the Accounting department to *France*: +To change properties for a specific set of user accounts, you can use a combination of the **Get-MgUser**, **Where**, and **Update-MgUser** cmdlets. The following example changes the usage location for all the users in the Accounting department to *France*: ```powershell-Get-AzureADUser | Where {$_.Department -eq "Accounting"} | Set-AzureADUser -UsageLocation FR +Get-MgUser -All | Where-Object {$_.Department -eq "Accounting"} | ForEach-Object {Update-MgUser -UserId $_.Id -UsageLocation "FR"} ``` This command instructs PowerShell to: -1. Get all the information on the user accounts (**Get-AzureADUser**), and send it to the next command (**|**). +1. Get all the information on the user accounts (**Get-MgUser**), and send it to the next command (**|**). 1. Find all the user accounts that have their *Department* property set to "Accounting" (**Where {$_.Department -eq "Accounting"}**), and send the resulting information to the next command (**|**). -1. Set the user location to France (**Set-AzureADUser -UsageLocation FR**). --## Use the Microsoft Azure Active Directory module for Windows PowerShell --To configure properties for user accounts with the Microsoft Azure Active Directory module for Windows PowerShell, use the **Set-MsolUser** cmdlet and specify the properties to set or change. --First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-microsoft-azure-active-directory-module-for-windows-powershell). - -> [!NOTE] -> PowerShell Core doesn't support the Microsoft Azure Active Directory module for Windows PowerShell module and cmdlets with *Msol* in their name. Run these cmdlets from Windows PowerShell. --### Change properties for a specific user account --To configure properties for a specific user account, use the [**Set-MsolUser**](/previous-versions/azure/dn194136(v=azure.100)) cmdlet and specify the properties to set or change. --You identify the account with the *-UserPrincipalName* parameter and set or change specific properties by using additional parameters. Here's a list of the most common parameters. - -- -City "\<city name>"--- -Country "\<country name>"--- -Department "\<department name>"--- -DisplayName "\<full user name>"--- -Fax "\<fax number>"--- -FirstName "\<user first name>"--- -LastName "\<user last name>"--- -MobilePhone "\<mobile phone number>"--- -Office "\<office location>"--- -PhoneNumber "\<office phone number>"--- -PostalCode "\<postal code>"--- -PreferredLanguage "\<language>"--- -State "\<state name>"--- -StreetAddress "\<street address>"--- -Title "\<title name>"--- -UsageLocation "\<2-character country or region code>"-- This is the ISO 3166-1 alpha-2 (A2) two-letter country or region code. --For additional parameters, see [Set-MsolUser](/previous-versions/azure/dn194136(v=azure.100)). --To see the UPNs of all your users, run the following command: - -```powershell -Get-MSolUser | Sort UserPrincipalName | Select UserPrincipalName | More -``` --This command instructs PowerShell to: - -1. Get all of information for the user accounts (**Get-MsolUser**) and send it to the next command (**|**). --1. Sort the list of UPNs alphabetically (**Sort UserPrincipalName**) and send it to the next command (**|**). --1. Display just the UPN property for each account (**Select UserPrincipalName**). --1. Display them one screen at a time (**More**). --To display the UPN for an account based on its display name (first and last name), run the following commands. Fill in the *$userName* variable, and remove the \< and > characters. - -```powershell -$userName="<Display name>" -Write-Host (Get-MsolUser | where {$_.DisplayName -eq $userName}).UserPrincipalName -``` --This example displays the UPN for the user named Caleb Sills: - -```powershell -$userName="Caleb Sills" -Write-Host (Get-MsolUser | where {$_.DisplayName -eq $userName}).UserPrincipalName -``` --By using a *$upn* variable, you can make changes to individual accounts based on their display name. Here's an example that sets *Belinda Newman*'s usage location to *France*, but specifies her display name rather than her UPN: - -```powershell -$userName="<display name>" -$upn=(Get-MsolUser | where {$_.DisplayName -eq $userName}).UserPrincipalName -Set-MsolUser -UserPrincipalName $upn -UsageLocation FR -``` --### Change properties for all user accounts --To change properties for all users, use a combination of the **Get-MsolUser** and **Set-MsolUser** cmdlets. The following example changes the usage location for all users to *France*: - -```powershell -Get-MsolUser | Set-MsolUser -UsageLocation FR -``` --This command instructs PowerShell to: - -1. Get all the information for the user accounts (**Get-MsolUser**) and send it to the next command (**|**). --1. Set the user location to France (**Set-MsolUser -UsageLocation FR**). --### Change properties for a specific set of user accounts --To change properties for a specific set of user accounts, you can use a combination of the **Get-MsolUser**, **Where**, and **Set-MsolUser** cmdlets. The following example changes the usage location for all the users in the Accounting department to *France*: - -```powershell -Get-MsolUser | Where {$_.Department -eq "Accounting"} | Set-MsolUser -UsageLocation FR -``` --This command instructs PowerShell to: - -1. Get all the information for the user accounts (**Get-MsolUser**) and send it to the next command (**|**). --1. Find all user accounts that have their *Department* property set to "Accounting" (**Where {$_.Department -eq "Accounting"}**) and send the resulting information to the next command (**|**). --1. Set the user location to France (**Set-MsolUser -UsageLocation FR**). +1. Set the user location to France (**Update-MgUser -UsageLocation FR**). ## See also |
enterprise | Create User Accounts With Microsoft 365 Powershell | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/enterprise/create-user-accounts-with-microsoft-365-powershell.md | Title: "Create Microsoft 365 user accounts with PowerShell" Previously updated : 12/29/2023 Last updated : 02/28/2024 audience: Admin + - azure-ad-ref-level-one-done ms.assetid: 6770c5fa-b886-4512-8c67-ffd53226589e description: How to use PowerShell to create individual or multiple Microsoft 365 user accounts. description: How to use PowerShell to create individual or multiple Microsoft 36 *This article applies to both Microsoft 365 Enterprise and Office 365 Enterprise.* -You can use PowerShell for Microsoft 365 to efficiently create user accounts, including multiple accounts. +You can use Microsoft Graph PowerShell to efficiently create user accounts, including multiple accounts. When you create user accounts in PowerShell, certain account properties are always required. Other properties aren't required but are important. See the following table. When you create user accounts in PowerShell, certain account properties are alwa > > For a list of additional resources, see [Manage users and groups](/admin). -## Use the Azure Active Directory PowerShell for Graph module +## Create Microsoft 365 user accounts with Microsoft Graph PowerShell -First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-azure-active-directory-powershell-for-graph-module). +>[!NOTE] +> The Azure Active Directory module is being replaced by the Microsoft Graph PowerShell SDK. You can use the Microsoft Graph PowerShell SDK to access all Microsoft Graph APIs. For more information, see [Get started with the Microsoft Graph PowerShell SDK](/powershell/microsoftgraph/get-started). -After you connect, use the following syntax to create an individual account: - -```powershell -$PasswordProfile=New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile -$PasswordProfile.Password="<user account password>" -New-AzureADUser -DisplayName "<display name>" -GivenName "<first name>" -SurName "<last name>" -UserPrincipalName <sign-in name> -UsageLocation <ISO 3166-1 alpha-2 country code> -MailNickName <mailbox name> -PasswordProfile $PasswordProfile -AccountEnabled $true -``` +First, use a **Microsoft Entra DC admin**, **Cloud Application Admin**, or **Global admin** account to [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md). The cmdlets in this article require the permission scope **User.ReadWrite.All** or one of the other permissions listed in the ['List subscribedSkus' Graph API reference page](/graph/api/subscribedsku-list). Some commands in this article may require different permission scopes, in which case this will be noted in the relevant section. -This example creates an account for the US user *Caleb Sills*: - ```powershell-$PasswordProfile=New-Object -TypeName Microsoft.Open.AzureAD.Model.PasswordProfile -$PasswordProfile.Password="3Rv0y1q39/chsy" -New-AzureADUser -DisplayName "Caleb Sills" -GivenName "Caleb" -SurName "Sills" -UserPrincipalName calebs@contoso.onmicrosoft.com -UsageLocation US -MailNickName calebs -PasswordProfile $PasswordProfile -AccountEnabled $true +Connect-MgGraph -Scopes "User.ReadWrite.All" ``` -## Use the Microsoft Azure Active Directory module for Windows PowerShell --First, [connect to your Microsoft 365 tenant](connect-to-microsoft-365-powershell.md#connect-with-the-microsoft-azure-active-directory-module-for-windows-powershell). - ### Create an individual user account To create an individual account, use the following syntax: ```powershell-New-MsolUser -DisplayName <display name> -FirstName <first name> -LastName <last name> -UserPrincipalName <sign-in name> -UsageLocation <ISO 3166-1 alpha-2 country code> -LicenseAssignment <licensing plan name> [-Password <Password>] +$PasswordProfile = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphPasswordProfile +$PasswordProfile.Password = "<user account password>" +New-MgUser -DisplayName "<display name>" -GivenName "<first name>" -Surname "<last name>" -UserPrincipalName <sign-in name> -UsageLocation <ISO 3166-1 alpha-2 country code> -MailNickname <mailbox name> -PasswordProfile $PasswordProfile -AccountEnabled $true ``` -> [!NOTE] -> PowerShell Core doesn't support the Microsoft Azure Active Directory module for Windows PowerShell module and cmdlets that have *Msol* in their name. Run these cmdlets from Windows PowerShell. --To list the available [licensing plan names](/azure/active-directory/enterprise-users/licensing-service-plan-reference), use this command: --````powershell -Get-MsolAccountSku -```` --This example creates an account for the US user *Caleb Sills*, and assigns a license from the `contoso:ENTERPRISEPACK` (Office 365 Enterprise E3) licensing plan. +This example creates an account for the US user *John Doe*. ```powershell-New-MsolUser -DisplayName "Caleb Sills" -FirstName Caleb -LastName Sills -UserPrincipalName calebs@contoso.onmicrosoft.com -UsageLocation US -LicenseAssignment contoso:ENTERPRISEPACK +$PasswordProfile = New-Object -TypeName Microsoft.Graph.PowerShell.Models.MicrosoftGraphPasswordProfile +$PasswordProfile.Password = "3Rv0y1q39/chsy" +New-MgUser -DisplayName "John Doe" -GivenName "John" -Surname "Doe" -UserPrincipalName johnd@contoso.onmicrosoft.com -UsageLocation "US" -MailNickname "johnd" -PasswordProfile $PasswordProfile -AccountEnabled $true ``` ### Create multiple user accounts New-MsolUser -DisplayName "Caleb Sills" -FirstName Caleb -LastName Sills -UserPr 1. Create a comma-separated value (CSV) file that contains the required user account information. For example: ```powershell- UserPrincipalName,FirstName,LastName,DisplayName,UsageLocation,AccountSkuId - ClaudeL@contoso.onmicrosoft.com,Claude,Loiselle,Claude Loiselle,US,contoso:ENTERPRISEPACK - LynneB@contoso.onmicrosoft.com,Lynne,Baxter,Lynne Baxter,US,contoso:ENTERPRISEPACK - ShawnM@contoso.onmicrosoft.com,Shawn,Melendez,Shawn Melendez,US,contoso:ENTERPRISEPACK + UserPrincipalName,FirstName,LastName,DisplayName,UsageLocation,MailNickname + ClaudeL@contoso.onmicrosoft.com,Claude,Loiselle,Claude Loiselle,US,claudel + LynneB@contoso.onmicrosoft.com,Lynne,Baxter,Lynne Baxter,US,lynneb + ShawnM@contoso.onmicrosoft.com,Shawn,Melendez,Shawn Melendez,US,shawnm ``` > [!NOTE] > The column names and their order in the first row of the CSV file are arbitrary. But make sure the order of the data in the rest of the file matches the order of the column names. And use the column names for the parameter values in the PowerShell for Microsoft 365 command. -2. Use the following syntax: -- ```powershell - Import-Csv -Path <Input CSV File Path and Name> | foreach {New-MsolUser -DisplayName $_.DisplayName -FirstName $_.FirstName -LastName $_.LastName -UserPrincipalName $_.UserPrincipalName -UsageLocation $_.UsageLocation -LicenseAssignment $_.AccountSkuId [-Password $_.Password]} | Export-Csv -Path <Output CSV File Path and Name> - ``` -- This example creates user accounts from the file *C:\My Documents\NewAccounts.csv* and logs the results in a file named *C:\My Documents\NewAccountResults.csv*. +2. This example creates user accounts from the file *C:\temp\NewAccounts.csv* and logs the results in a file named *C:\temp\NewAccountResults.csv*. ```powershell- Import-Csv -Path "C:\My Documents\NewAccounts.csv" | foreach {New-MsolUser -DisplayName $_.DisplayName -FirstName $_.FirstName -LastName $_.LastName -UserPrincipalName $_.UserPrincipalName -UsageLocation $_.UsageLocation -LicenseAssignment $_.AccountSkuId} | Export-Csv -Path "C:\My Documents\NewAccountResults.csv" + # Import the CSV file + $users = Import-Csv -Path "C:\temp\NewAccounts.csv" ++ # Create a password profile + $PasswordProfile = @{ + Password = 'Password123' + } ++ # Loop through each user in the CSV file + foreach ($user in $users) { + # Create a new user + $newUser = New-MgUser -DisplayName $user.DisplayName -GivenName $user.FirstName -Surname $user.LastName -UserPrincipalName $user.UserPrincipalName -UsageLocation $user.UsageLocation -MailNickname $user.MailNickname -PasswordProfile $passwordProfile -AccountEnabled ++ # Assign a license to the new user + $e5Sku = Get-MgSubscribedSku -All | Where SkuPartNumber -eq 'SPE_E5' + Set-MgUserLicense -UserId $newUser.Id -AddLicenses @{SkuId = $e5Sku.SkuId} -RemoveLicenses @() + } ++ # Export the results to a CSV file + $users | Export-Csv -Path "C:\temp\NewAccountResults.csv" -NoTypeInformation ``` -3. Review the output file to see the results. We didn't specify passwords, so the random passwords that Microsoft 365 generated are visible in the output file. +3. Review the output file to see the results. ## See also |
includes | Microsoft 365 Content Updates | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/includes/microsoft-365-content-updates.md | +## Week of February 26, 2024 +++| Published On |Topic title | Change | +|||--| +| 2/26/2024 | [Manage the gradual rollout process for Microsoft Defender updates](/microsoft-365/security/defender-endpoint/manage-gradual-rollout?view=o365-worldwide) | modified | +| 2/26/2024 | [Understand app protection access requirements using Microsoft Intune](/microsoft-365/solutions/apps-protect-access-requirements?view=o365-worldwide) | added | +| 2/26/2024 | [Understand app protection conditional launch using Microsoft Intune](/microsoft-365/solutions/apps-protect-conditional-launch?view=o365-worldwide) | added | +| 2/26/2024 | [Understand app data protection using Microsoft Intune](/microsoft-365/solutions/apps-protect-data-protection?view=o365-worldwide) | added | +| 2/26/2024 | [Use the app protection framework with Microsoft Intune](/microsoft-365/solutions/apps-protect-framework?view=o365-worldwide) | added | +| 2/26/2024 | [Understand app protection health checks using Microsoft Intune](/microsoft-365/solutions/apps-protect-health-checks?view=o365-worldwide) | added | +| 2/26/2024 | [Secure and protect apps using Microsoft Intune](/microsoft-365/solutions/apps-protect-overview?view=o365-worldwide) | added | +| 2/26/2024 | [Step 1. Apply minimum data protection](/microsoft-365/solutions/apps-protect-step-1?view=o365-worldwide) | added | +| 2/26/2024 | [Step 2. Apply enhanced data protection](/microsoft-365/solutions/apps-protect-step-2?view=o365-worldwide) | added | +| 2/26/2024 | [Step 3. Apply high data protection](/microsoft-365/solutions/apps-protect-step-3?view=o365-worldwide) | added | +| 2/26/2024 | [Step 4. Understand app protection delivery](/microsoft-365/solutions/apps-protect-step-4?view=o365-worldwide) | added | +| 2/26/2024 | [Step 5. Verify and monitor app protection](/microsoft-365/solutions/apps-protect-step-5?view=o365-worldwide) | added | +| 2/26/2024 | [Step 6. Use app protection actions](/microsoft-365/solutions/apps-protect-step-6?view=o365-worldwide) | added | +| 2/26/2024 | [Evaluate and pilot Microsoft Defender XDR security, an XDR solution that unifies threat data so you can take action.](/microsoft-365/security/defender/eval-overview?view=o365-worldwide) | modified | +| 2/26/2024 | [Automatic user notifications for user reported phishing results in AIR](/microsoft-365/security/office-365-security/air-user-automatic-feedback-response?view=o365-worldwide) | modified | +| 2/27/2024 | [Configuring external data integrations for Loop experiences](/microsoft-365/loop/loop-data-integrations-configuration?view=o365-worldwide) | added | +| 2/27/2024 | [Early Launch Antimalware (ELAM) and Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/elam-on-mdav?view=o365-worldwide) | added | +| 2/27/2024 | [Manage Loop components in OneDrive and SharePoint](/microsoft-365/loop/loop-components-configuration?view=o365-worldwide) | modified | +| 2/27/2024 | [Cloud protection and sample submission at Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/cloud-protection-microsoft-antivirus-sample-submission?view=o365-worldwide) | modified | +| 2/27/2024 | [Manage Microsoft Defender Antivirus in your business](/microsoft-365/security/defender-endpoint/configuration-management-reference-microsoft-defender-antivirus?view=o365-worldwide) | modified | +| 2/27/2024 | [Configure Microsoft Defender Antivirus features](/microsoft-365/security/defender-endpoint/configure-microsoft-defender-antivirus-features?view=o365-worldwide) | modified | +| 2/27/2024 | [Vulnerability support in Microsoft Defender Vulnerability Management](/microsoft-365/security/defender-vulnerability-management/fixed-reported-inaccuracies?view=o365-worldwide) | modified | +| 2/27/2024 | [Block vulnerable applications.](/microsoft-365/security/defender-vulnerability-management/tvm-block-vuln-apps?view=o365-worldwide) | modified | +| 2/27/2024 | [Built-in virus protection in SharePoint Online, OneDrive, and Microsoft Teams](/microsoft-365/security/office-365-security/anti-malware-protection-for-spo-odfb-teams-about?view=o365-worldwide) | modified | +| 2/27/2024 | [Migrate from a third-party protection service to Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/migrate-to-defender-for-office-365?view=o365-worldwide) | modified | +| 2/27/2024 | [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide) | modified | +| 2/27/2024 | [Data collection for advanced troubleshooting on Windows](/microsoft-365/security/defender-endpoint/data-collection-analyzer?view=o365-worldwide) | modified | +| 2/27/2024 | [Why you should use Microsoft Defender Antivirus together with Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/why-use-microsoft-defender-antivirus?view=o365-worldwide) | modified | +| 2/27/2024 | [Anti-malware Scan Interface (AMSI) integration with Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/amsi-on-mdav?view=o365-worldwide) | added | +| 2/27/2024 | [Run and customize scheduled and on-demand scans](/microsoft-365/security/defender-endpoint/customize-run-review-remediate-scans-microsoft-defender-antivirus?view=o365-worldwide) | modified | +| 2/27/2024 | [Antivirus solution compatibility with Defender for Endpoint](/microsoft-365/security/defender-endpoint/defender-compatibility?view=o365-worldwide) | modified | +| 2/27/2024 | [Apply Microsoft Defender Antivirus updates after certain events](/microsoft-365/security/defender-endpoint/manage-event-based-updates-microsoft-defender-antivirus?view=o365-worldwide) | modified | +| 2/27/2024 | [Microsoft Defender Antivirus security intelligence and product updates](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-updates?view=o365-worldwide) | modified | +| 2/27/2024 | [Microsoft Defender Antivirus updates - Previous versions for technical upgrade support](/microsoft-365/security/defender-endpoint/msda-updates-previous-versions-technical-upgrade-support?view=o365-worldwide) | modified | +| 2/27/2024 | [Microsoft Defender for Cloud in the Microsoft Defender portal](/microsoft-365/security/defender/microsoft-365-security-center-defender-cloud?view=o365-worldwide) | modified | +| 2/27/2024 | [Microsoft Defender for Endpoint in the Microsoft Defender portal](/microsoft-365/security/defender/microsoft-365-security-center-mde?view=o365-worldwide) | modified | +| 2/27/2024 | [Microsoft Defender for Identity in the Microsoft Defender portal](/microsoft-365/security/defender/microsoft-365-security-center-mdi?view=o365-worldwide) | modified | +| 2/27/2024 | [Microsoft Defender for Office 365 in the Microsoft Defender portal](/microsoft-365/security/defender/microsoft-365-security-center-mdo?view=o365-worldwide) | modified | +| 2/27/2024 | [Redirecting from the Microsoft Defender Security Center to the Microsoft Defender portal](/microsoft-365/security/defender/microsoft-365-security-mde-redirection?view=o365-worldwide) | modified | +| 2/27/2024 | [Compliance features in Microsoft 365 Archive (Preview)](/microsoft-365/syntex/archive/archive-compliance) | modified | +| 2/28/2024 | [Coin miners](/microsoft-365/security/defender-endpoint/malware/coinminer-malware?view=o365-worldwide) | added | +| 2/28/2024 | [Exploits and exploit kits](/microsoft-365/security/defender-endpoint/malware/exploits-malware?view=o365-worldwide) | added | +| 2/28/2024 | [Fileless threats](/microsoft-365/security/defender-endpoint/malware/fileless-threats?view=o365-worldwide) | added | +| 2/28/2024 | [Macro malware](/microsoft-365/security/defender-endpoint/malware/macro-malware?view=o365-worldwide) | added | +| 2/28/2024 | [Phishing trends and techniques](/microsoft-365/security/defender-endpoint/malware/phishing-trends?view=o365-worldwide) | added | +| 2/28/2024 | [How to protect against phishing attacks](/microsoft-365/security/defender-endpoint/malware/phishing?view=o365-worldwide) | added | +| 2/28/2024 | [Prevent malware infection](/microsoft-365/security/defender-endpoint/malware/prevent-malware-infection?view=o365-worldwide) | added | +| 2/28/2024 | [Rootkits](/microsoft-365/security/defender-endpoint/malware/rootkits-malware?view=o365-worldwide) | added | +| 2/28/2024 | [Supply chain attacks](/microsoft-365/security/defender-endpoint/malware/supply-chain-malware?view=o365-worldwide) | added | +| 2/28/2024 | [Tech Support Scams](/microsoft-365/security/defender-endpoint/malware/support-scams?view=o365-worldwide) | added | +| 2/28/2024 | [Trojan malware](/microsoft-365/security/defender-endpoint/malware/trojans-malware?view=o365-worldwide) | added | +| 2/28/2024 | [Understanding malware & other threats](/microsoft-365/security/defender-endpoint/malware/understanding-malware?view=o365-worldwide) | added | +| 2/28/2024 | [Unwanted software](/microsoft-365/security/defender-endpoint/malware/unwanted-software?view=o365-worldwide) | added | +| 2/28/2024 | [Worms](/microsoft-365/security/defender-endpoint/malware/worms-malware?view=o365-worldwide) | added | +| 2/28/2024 | [Configure junk email settings on Exchange Online mailboxes](/microsoft-365/security/office-365-security/configure-junk-email-settings-on-exo-mailboxes?view=o365-worldwide) | modified | +| 2/28/2024 | [Manage Shifts permissions for frontline managers](/microsoft-365/frontline/manage-shifts-permissions-frontline-managers?view=o365-worldwide) | added | +| 2/28/2024 | [Behavior monitoring in Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/behavior-monitor?view=o365-worldwide) | added | +| 2/28/2024 | [Windows and Office 365 deployment lab kit](/microsoft-365/enterprise/modern-desktop-deployment-and-management-lab?view=o365-worldwide) | modified | +| 2/28/2024 | [Deploy frontline dynamic teams at scale](/microsoft-365/frontline/deploy-dynamic-teams-at-scale?view=o365-worldwide) | modified | +| 2/28/2024 | [Overview of next-generation protection in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/next-generation-protection?view=o365-worldwide) | modified | +| 2/28/2024 | [Use PowerShell cmdlets to configure and run Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/use-powershell-cmdlets-microsoft-defender-antivirus?view=o365-worldwide) | modified | +| 2/28/2024 | Configure Directory Services account in Microsoft Defender for Identity | removed | +| 2/28/2024 | Microsoft Defender for Identity entity tags in Microsoft Defender XDR | removed | +| 2/28/2024 | Microsoft Defender for Identity detection exclusions in Microsoft Defender XDR | removed | +| 2/28/2024 | Microsoft Defender for Identity security alerts in Microsoft Defender XDR | removed | +| 2/28/2024 | Microsoft Defender for Identity notifications in Microsoft Defender XDR | removed | +| 2/28/2024 | Microsoft Defender for Identity sensor health and settings in Microsoft Defender XDR | removed | +| 2/28/2024 | Microsoft Defender for Identity VPN integration in Microsoft Defender XDR | removed | +| 2/28/2024 | [Advanced technologies at the core of Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/adv-tech-of-mdav?view=o365-worldwide) | added | +| 2/28/2024 | [Run Microsoft Defender Antivirus in a sandbox environment](/microsoft-365/security/defender-endpoint/sandbox-mdav?view=o365-worldwide) | added | +| 2/28/2024 | [Configure the Microsoft Defender Antivirus cloud block timeout period](/microsoft-365/security/defender-endpoint/configure-cloud-block-timeout-period-microsoft-defender-antivirus?view=o365-worldwide) | modified | +| 2/28/2024 | [Create and manage device tags](/microsoft-365/security/defender-endpoint/machine-tags?view=o365-worldwide) | modified | +| 2/29/2024 | [Configure and manage Microsoft Defender Experts capabilities](/microsoft-365/security/defender-endpoint/configure-microsoft-threat-experts?view=o365-worldwide) | modified | +| 2/29/2024 | [Preview limitations in Microsoft 365 Backup (Preview)](/microsoft-365/syntex/backup/backup-limitations) | modified | +| 2/29/2024 | [Disable access to Microsoft 365 services with PowerShell](/microsoft-365/enterprise/disable-access-to-services-with-microsoft-365-powershell?view=o365-worldwide) | modified | +| 2/29/2024 | [What's new in Microsoft Defender Vulnerability Management](/microsoft-365/security/defender-vulnerability-management/whats-new-in-microsoft-defender-vulnerability-management?view=o365-worldwide) | modified | +| 2/29/2024 | [Manage Loop app preview](/microsoft-365/loop/loop-preview-configuration?view=o365-worldwide) | added | +| 2/29/2024 | [Deploy Shifts to your frontline teams at scale](/microsoft-365/frontline/deploy-shifts-at-scale?view=o365-worldwide) | modified | +| 2/29/2024 | [Get started with Microsoft 365 for healthcare organizations](/microsoft-365/frontline/teams-in-hc?view=o365-worldwide) | modified | +| 2/29/2024 | [Manage Loop workspaces in SharePoint Embedded](/microsoft-365/loop/loop-workspaces-configuration?view=o365-worldwide) | modified | +| 2/29/2024 | [Onboard Windows devices using a local script](/microsoft-365/security/defender-endpoint/configure-endpoints-script?view=o365-worldwide) | modified | +| 2/29/2024 | [Set preferences for Microsoft Defender for Endpoint on Mac](/microsoft-365/security/defender-endpoint/mac-preferences?view=o365-worldwide) | modified | +| 2/29/2024 | [Microsoft Defender Antivirus in Windows](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-windows?view=o365-worldwide) | modified | +| 3/1/2024 | [Data Residency for Microsoft Copilot for Microsoft 365](/microsoft-365/enterprise/m365-dr-workload-copilot?view=o365-worldwide) | added | +| 3/1/2024 | [Advanced data residency in Microsoft 365](/microsoft-365/enterprise/advanced-data-residency?view=o365-worldwide) | modified | +| 3/1/2024 | [Advanced Data Residency Commitments](/microsoft-365/enterprise/m365-dr-commitments?view=o365-worldwide) | modified | +| 3/1/2024 | [Data Residency Legacy Move Program](/microsoft-365/enterprise/m365-dr-legacy-move-program?view=o365-worldwide) | modified | +| 3/1/2024 | [Overview and Definitions](/microsoft-365/enterprise/m365-dr-overview?view=o365-worldwide) | modified | +| 3/1/2024 | [Overview of Product Terms Data Residency](/microsoft-365/enterprise/m365-dr-product-terms-dr?view=o365-worldwide) | modified | +| 3/1/2024 | [Data Residency for Exchange Online](/microsoft-365/enterprise/m365-dr-workload-exo?view=o365-worldwide) | modified | +| 3/1/2024 | [Data Residency for Microsoft Defender for Office P1](/microsoft-365/enterprise/m365-dr-workload-mdo-p1?view=o365-worldwide) | modified | +| 3/1/2024 | [Data Residency for Other Microsoft 365 Services](/microsoft-365/enterprise/m365-dr-workload-other?view=o365-worldwide) | modified | +| 3/1/2024 | [Data Residency for Microsoft Purview](/microsoft-365/enterprise/m365-dr-workload-purview?view=o365-worldwide) | modified | +| 3/1/2024 | [Data Residency for SharePoint and OneDrive](/microsoft-365/enterprise/m365-dr-workload-spo?view=o365-worldwide) | modified | +| 3/1/2024 | [Data Residency for Microsoft Teams](/microsoft-365/enterprise/m365-dr-workload-teams?view=o365-worldwide) | modified | +| 3/1/2024 | [Advanced technologies at the core of Microsoft Defender Antivirus](/microsoft-365/security/defender-endpoint/adv-tech-of-mdav?view=o365-worldwide) | modified | +| 3/1/2024 | [Evaluate network protection](/microsoft-365/security/defender-endpoint/evaluate-network-protection?view=o365-worldwide) | modified | +| 3/1/2024 | [Create custom Microsoft Defender XDR reports using Microsoft Graph security API and Power BI](/microsoft-365/security/defender/defender-xdr-custom-reports?view=o365-worldwide) | modified | +| 3/1/2024 | [Memory regression analysis](/microsoft-365/test-base/memory?view=o365-worldwide) | modified | +| 3/1/2024 | [Hardware acceleration and Microsoft Defender Antivirus.](/microsoft-365/security/defender-endpoint/hardware-acceleration-and-mdav?view=o365-worldwide) | added | +| 3/1/2024 | [Evaluate Microsoft Defender Antivirus using PowerShell.](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-using-powershell?view=o365-worldwide) | added | +| 3/1/2024 | [Microsoft 365 admin center SharePoint activity reports](/microsoft-365/admin/activity-reports/sharepoint-activity-ww?view=o365-worldwide) | modified | +| 3/1/2024 | [Microsoft 365 admin center Viva Engage activity reports](/microsoft-365/admin/activity-reports/viva-engage-activity-report-ww?view=o365-worldwide) | modified | +| 3/1/2024 | [Microsoft 365 admin center Viva Learning activity reports](/microsoft-365/admin/activity-reports/viva-learning-activity?view=o365-worldwide) | modified | +| 3/1/2024 | [Transfer data manually between two accounts](/microsoft-365/admin/get-help-with-domains/transfer-data-manually?view=o365-worldwide) | modified | +| 3/1/2024 | [Domains Frequently Asked Questions](/microsoft-365/admin/setup/domains-faq?view=o365-worldwide) | modified | ++ ## Week of February 19, 2024 | 2/2/2024 | [View Microsoft 365 licenses and services with PowerShell](/microsoft-365/enterprise/view-licenses-and-services-with-microsoft-365-powershell?view=o365-worldwide) | modified | | 2/2/2024 | [Attack surface reduction rules reference](/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference?view=o365-worldwide) | modified | | 2/2/2024 | [Microsoft Defender XDR # < 60 chars](/microsoft-365/security/defender/index?view=o365-worldwide) | modified |---## Week of January 22, 2024 ---| Published On |Topic title | Change | -|||--| -| 1/21/2024 | [Vulnerable components](/microsoft-365/security/defender-vulnerability-management/tvm-vulnerable-components?view=o365-worldwide) | added | -| 1/22/2024 | [Review detected threats on devices and take action](/microsoft-365/business-premium/m365bp-review-threats-take-action?view=o365-worldwide) | modified | -| 1/22/2024 | [Email security with Threat Explorer in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/email-security-in-microsoft-defender?view=o365-worldwide) | modified | -| 1/22/2024 | [Manage quarantined messages and files as an admin](/microsoft-365/security/office-365-security/quarantine-admin-manage-messages-files?view=o365-worldwide) | modified | -| 1/22/2024 | [Manage allows and blocks in the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list-about?view=o365-worldwide) | modified | -| 1/23/2024 | [Connect to all Microsoft 365 services in a single PowerShell window](/microsoft-365/enterprise/connect-to-all-microsoft-365-services-in-a-single-windows-powershell-window?view=o365-worldwide) | modified | -| 1/23/2024 | [Prioritize incidents in Microsoft Defender XDR](/microsoft-365/security/defender/incident-queue?view=o365-worldwide) | modified | -| 1/23/2024 | [Responding to your first incident in Microsoft Defender XDR](/microsoft-365/security/defender/respond-first-incident-365-defender?view=o365-worldwide) | modified | -| 1/23/2024 | [What's new in Microsoft Defender XDR](/microsoft-365/security/defender/whats-new?view=o365-worldwide) | modified | -| 1/23/2024 | [Onboard non-Windows devices to the Microsoft Defender for Endpoint service](/microsoft-365/security/defender-endpoint/configure-endpoints-non-windows?view=o365-worldwide) | modified | -| 1/23/2024 | [Microsoft Defender for Endpoint demonstration scenarios](/microsoft-365/security/defender-endpoint/defender-endpoint-demonstrations?view=o365-worldwide) | modified | -| 1/24/2024 | [Configure the advanced delivery policy for third-party phishing simulations and email delivery to SecOps mailboxes](/microsoft-365/security/office-365-security/advanced-delivery-policy-configure?view=o365-worldwide) | modified | -| 1/24/2024 | [Create Microsoft 365 user accounts with PowerShell](/microsoft-365/enterprise/create-user-accounts-with-microsoft-365-powershell?view=o365-worldwide) | modified | -| 1/24/2024 | [Get started with PowerShell for Microsoft 365](/microsoft-365/enterprise/getting-started-with-microsoft-365-powershell?view=o365-worldwide) | modified | -| 1/24/2024 | [View directory synchronization errors in Microsoft 365](/microsoft-365/enterprise/identify-directory-synchronization-errors?view=o365-worldwide) | modified | -| 1/24/2024 | [Manage SharePoint users and groups with PowerShell](/microsoft-365/enterprise/manage-sharepoint-users-and-groups-with-powershell?view=o365-worldwide) | modified | -| 1/24/2024 | [Microsoft 365 Network Connectivity Overview](/microsoft-365/enterprise/microsoft-365-networking-overview?view=o365-worldwide) | modified | -| 1/24/2024 | [Use the Page Diagnostics tool for SharePoint Online](/microsoft-365/enterprise/page-diagnostics-for-spo?view=o365-worldwide) | modified | -| 1/24/2024 | [Investigate incidents in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/investigate-incidents?view=o365-worldwide) | modified | -| 1/24/2024 | [What's new in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/whats-new-in-microsoft-defender-endpoint?view=o365-worldwide) | modified | -| 1/24/2024 | [Security, privacy, and compliance](/microsoft-365/business-premium/m365bp-security-privacy-compliance?view=o365-worldwide) | added | -| 1/24/2024 | [View Defender for Office 365 reports](/microsoft-365/security/office-365-security/reports-defender-for-office-365?view=o365-worldwide) | modified | -| 1/24/2024 | [View email security reports](/microsoft-365/security/office-365-security/reports-email-security?view=o365-worldwide) | modified | -| 1/24/2024 | [Manage submissions](/microsoft-365/security/office-365-security/submissions-admin?view=o365-worldwide) | modified | -| 1/25/2024 | [Allow or block URLs using the Tenant Allow/Block List](/microsoft-365/security/office-365-security/tenant-allow-block-list-urls-configure?view=o365-worldwide) | modified | -| 1/25/2024 | [Use the Microsoft 365 admin center to manage your Shifts connection to UKG Pro Workforce Management](/microsoft-365/frontline/shifts-connector-ukg-admin-center-manage?view=o365-worldwide) | modified | -| 1/25/2024 | [Vulnerability support in Microsoft Defender Vulnerability Management](/microsoft-365/security/defender-vulnerability-management/fixed-reported-inaccuracies?view=o365-worldwide) | modified | -| 1/25/2024 | [Understand the Microsoft 365 E3 and E5 Extra Features license](/microsoft-365/commerce/licenses/e3-extra-features-licenses?view=o365-worldwide) | modified | -| 1/25/2024 | [Corporate communications with frontline workers](/microsoft-365/frontline/flw-corp-comms?view=o365-worldwide) | modified | -| 1/25/2024 | [Provide initial and ongoing training to help onboard your frontline workers](/microsoft-365/frontline/flw-onboarding-training?view=o365-worldwide) | modified | -| 1/25/2024 | [Microsoft 365 documentation # < 60 chars](/microsoft-365/index?view=o365-worldwide) | modified | -| 1/26/2024 | [Microsoft 365 admin center Teams app usage reports](/microsoft-365/admin/activity-reports/microsoft-teams-apps-usage?view=o365-worldwide) | modified | -| 1/26/2024 | [Migrate business email and calendar from Google Workspace](/microsoft-365/admin/moveto-microsoft-365/migrate-email?view=o365-worldwide) | modified | -| 1/26/2024 | [Launch your portal using the Portal launch scheduler](/microsoft-365/enterprise/portallaunchscheduler?view=o365-worldwide) | modified | -| 1/26/2024 | [OneDrive Cross-tenant OneDrive migration Step 1](/microsoft-365/enterprise/cross-tenant-onedrive-migration-step1?view=o365-worldwide) | modified | -| 1/26/2024 | [OneDrive Cross-tenant OneDrive migration Step 6](/microsoft-365/enterprise/cross-tenant-onedrive-migration-step6?view=o365-worldwide) | modified | -| 1/26/2024 | [SharePoint site Cross-tenant SharePoint migration Step 6 (preview)](/microsoft-365/enterprise/cross-tenant-sharepoint-migration-step6?view=o365-worldwide) | modified | -| 1/26/2024 | [Join or leave a multitenant organization in Microsoft 365 (Preview)](/microsoft-365/enterprise/join-leave-multi-tenant-org?view=o365-worldwide) | modified | -| 1/26/2024 | [Use Office 365 Content Delivery Network (CDN) with SharePoint Online](/microsoft-365/enterprise/use-microsoft-365-cdn-with-spo?view=o365-worldwide) | modified | -| 1/26/2024 | [Manual deployment for Microsoft Defender for Endpoint on macOS](/microsoft-365/security/defender-endpoint/mac-install-manually?view=o365-worldwide) | modified | -| 1/26/2024 | [Production ring deployment using Group Policy and network share](/microsoft-365/security/defender-endpoint/microsoft-defender-antivirus-ring-deployment-group-policy-network-share?view=o365-worldwide) | modified | -| 1/26/2024 | [Use network protection to help prevent Linux connections to bad sites](/microsoft-365/security/defender-endpoint/network-protection-linux?view=o365-worldwide) | modified | -| 1/26/2024 | [Professional services supported by Microsoft Defender XDR](/microsoft-365/security/defender-endpoint/professional-services?view=o365-worldwide) | modified | -| 1/26/2024 | [Take response actions on a device in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-machine-alerts?view=o365-worldwide) | modified | -| 1/26/2024 | [Incident response with Microsoft Defender XDR](/microsoft-365/security/defender/incidents-overview?view=o365-worldwide) | modified | -| 1/26/2024 | [Buy or remove licenses for a Microsoft business subscription](/microsoft-365/commerce/licenses/buy-licenses?view=o365-worldwide) | modified | -| 1/26/2024 | [Build queries using guided mode in Microsoft Defender XDR advanced hunting](/microsoft-365/security/defender/advanced-hunting-query-builder?view=o365-worldwide) | modified | -| 1/26/2024 | [Investigate data loss alerts with Microsoft Defender XDR](/microsoft-365/security/defender/dlp-investigate-alerts-defender?view=o365-worldwide) | modified | -| 1/26/2024 | [Remediate your first incident in Microsoft Defender XDR](/microsoft-365/security/defender/respond-first-incident-remediate?view=o365-worldwide) | modified | -| 1/26/2024 | [Step 7. Verify app configuration](/microsoft-365/solutions/apps-config-step-7?view=o365-worldwide) | modified | -| 1/26/2024 | [Onboard trusted vendors to collaborate in Microsoft 365](/microsoft-365/solutions/trusted-vendor-onboarding?view=o365-worldwide) | modified | -| 1/26/2024 | [Microsoft Defender portal](/microsoft-365/security/defender/microsoft-365-defender-portal?view=o365-worldwide) | modified | -| 1/26/2024 | [How Microsoft identifies malware and potentially unwanted applications](/microsoft-365/security/intelligence/criteria?view=o365-worldwide) | modified | |
security | Android Whatsnew | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/android-whatsnew.md | Last updated 10/25/2023 Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-exposedapis-abovefoldlink) > [!IMPORTANT]-> Microsoft Defender for Endpoint's **Anti malware engine** is now generally available. All the users are required to have a Microsoft Defender for Endpoint version **1.0.3815.0000** or later to utilize this new malware protection capability. Users on Microsoft Defender for Endpoint earlier than version 1.0.3815.0000 are sent notifications and in-app overlay messages to update their Microsoft Defender for Endpoint application. Users can click on the link provided in the overlay message to go to the managed play store and update the application. -> -> If users can't access the play store, the app can be updated through the company portal. +> ## Network Protection ΓÇô Update +> Network protection feature will soon be enabled by default for all users. The update will be rolled out in a phased manner. As a result, users will be able to see Network Protection Card in the Defender app along with App Protection and Web Protection. Users are also required to provide Location permission to complete the set up. For more information, see [Network Protection](/microsoft-365/security/defender-endpoint/android-configure#network-protection). +++ ## Device Tagging |
security | Attack Surface Reduction Rules Deployment | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-deployment.md | Before you start, review [Overview of attack surface reduction](overview-attack- Attack surface reduction rules are only one capability of the attack surface reduction capabilities within Microsoft Defender for Endpoint. This document goes into more detail on deploying attack surface reduction rules effectively to stop advanced threats like human-operated ransomware and other threats. -### Attac surface reduction rules list by category +### Attack surface reduction rules list by category The following table shows attack surface reduction rules by category: |
security | Attack Surface Reduction Rules Reference | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/attack-surface-reduction-rules-reference.md | The following ASR rules DO NOT honor Microsoft Defender Antivirus exclusions: > [!NOTE] > For information about configuring per-rule exclusions, see the section titled **Configure ASR rules per-rule exclusions** in the topic [Test attack surface reduction rules](attack-surface-reduction-rules-deployment-test.md). +## ASR rules and Defender for Endpoint Indicators of Compromise (IOC) ++The following ASR rules DO NOT honor Microsoft Defender for Endpoint Indicators of Compromise (IOC): ++| ASR rule name | Description | +||| +| Block credential stealing from the Windows local security authority subsystem (lsass.exe) | Doesn't honor indicators of compromise for files or certificates. | +| Block Office applications from injecting code into other processes |Doesn't honor indicators of compromise for files or certificates. | +| Block Win32 API calls from Office mac |Doesn't honor indicators of compromise for certificates. | + ## ASR rules supported operating systems The following table lists the supported operating systems for rules that are currently released to general availability. The rules are listed alphabetical order in this table. LSASS authenticates users who sign in on a Windows computer. Microsoft Defender By default the state of this rule is set to block. In most cases, many processes make calls to LSASS for access rights that are not needed. For example, such as when the initial block from the ASR rule results in a subsequent call for a lesser privilege which subsequently succeeds. For information about the types of rights that are typically requested in process calls to LSASS, see: [Process Security and Access Rights](/windows/win32/procthread/process-security-and-access-rights). +> [!NOTE] +> The Block credential stealing from the Windows local security authority subsystem ASR rule does not support WARN mode. + > [!NOTE] > In some apps, the code enumerates all running processes and attempts to open them with exhaustive permissions. This rule denies the app's process open action and logs the details to the security event log. This rule can generate a lot of noise. If you have an app that simply enumerates LSASS, but has no real impact in functionality, there is no need to add it to the exclusion list. By itself, this event log entry doesn't necessarily indicate a malicious threat. Dependencies: Microsoft Defender Antivirus, RPC This rule blocks code injection attempts from Office apps into other processes. +> [!NOTE] +> The Block applications from injecting code into other processes ASR rule does not support WARN mode. + > [!IMPORTANT] > This rule requires restarting Microsoft 365 Apps (Office applications) for the configuration changes to take effect. |
security | Ios Whatsnew | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/ios-whatsnew.md | search.appverid: met150 Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](https://signup.microsoft.com/create-account/signup?products=7f379fee-c4f9-4278-b0a1-e4c8c2fcdf7e&ru=https://aka.ms/MDEp2OpenTrial?ocid=docs-wdatp-exposedapis-abovefoldlink) +> [!IMPORTANT] +> ## Network Protection ΓÇô Update +> Network protection feature will soon be enabled by default for all users. The update will be rolled out in a phased manner. As a result, users will be able to see Network Protection Card in the Defender app along with App Protection and Web Protection. Users are also required to provide Location permission to complete the set up. For more information, see [Network Protection](/microsoft-365/security/defender-endpoint/ios-configure-features#configure-network-protection). + ## Device Tagging Mobile Device Tagging is now generally available. This feature enables bulk tagging the mobile devices by allowing the admins to set up tags via Intune. Admin can configure the device tags through Intune via configuration policies and push them to user's devices. Once the User installs and activates Defender, the client app passes the device tags to the Security Portal. The Device tags appear against the devices in the Device Inventory. For more information, read [Configure Device Tagging](/microsoft-365/security/defender-endpoint/ios-configure-features#device-tagging). |
security | Microsoft 365 Security Center Defender Cloud Apps | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/microsoft-365-security-center-defender-cloud-apps.md | The capabilities on the following pages are fully integrated into Microsoft Defe - [Settings > App Governance](/defender-cloud-apps/app-governance-get-started) - [Settings > Microsoft Defender for Identity](/defender-for-identity/deploy-defender-identity) -## Limitations --- The new Defender for Cloud Apps experience in the Microsoft Defender portal is currently available for all users detailed in [Manage admin access](/defender-cloud-apps/manage-admins), except for:- - **App/Instance admin**, **User group admin**, **Cloud Discovery global admin**, and **Cloud Discovery report admin**, as defined in [Built-in admin roles in Defender for Cloud Apps](/defender-cloud-apps/manage-admins#built-in-admin-roles-in-defender-for-cloud-apps). - ## What's changed Learn about the changes that have come with the integration of Defender for Cloud Apps and Microsoft Defender XDR. |
security | Microsoft Threat Actor Naming | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/microsoft-threat-actor-naming.md | Threat actors within the same weather family are given an adjective to distingui The table shows how the new family names map to the threat actors that we track. |Actor category|Type|Family name|-||::|::| +|::|::|::| |Nation-state|China<br>Iran<br>Lebanon<br>North Korea<br>Russia<br>South Korea<br>Turkey<br>Vietnam|Typhoon<br>Sandstorm<br>Rain<br>Sleet<br>Blizzard<br>Hail<br>Dust<br>Cyclone| |Financially motivated|Financially motivated|Tempest| |Private sector offensive actors|PSOAs|Tsunami| The table shows how the new family names map to the threat actors that we track. Use the following reference table to understand how our previously publicly disclosed old threat actor names translate to our new taxonomy. |Threat actor name|Previous name|Origin/Threat|Other names|-||::|::|::| +|::|::|::|::| |Aqua Blizzard|ACTINIUM|Russia|UNC530, Primitive Bear, Gamaredon| |Blue Tsunami||Private sector offensive actor|Black Cube| |Brass Typhoon|BARIUM|China|APT41| Use the following reference table to understand how our previously publicly disc |Pumpkin Sandstorm|DEV-0146|Iran|ZeroCleare| |Raspberry Typhoon|RADIUM|China|APT30, LotusBlossom| |Ruby Sleet|CERIUM|North Korea||+|Salmon Typhoon|SODIUM|China|APT4, Maverick Panda| |Sangria Tempest|ELBRUS|Financially motivated|Carbon Spider, FIN7| |Sapphire Sleet|COPERNICIUM|North Korea|Genie Spider, BlueNoroff| |Seashell Blizzard|IRIDIUM|Russia|Sandworm| Use the following reference table to understand how our previously publicly disc |Smoke Sandstorm|BOHRIUM|Iran|| |Spandex Tempest|CHIMBORAZO|Financially motivated|TA505| |Star Blizzard|SEABORGIUM|Russia|Callisto, Reuse Team|-|Storm-0062|DEV-0062|China|DarkShadow, Oro0lxy| -|Storm-0133|DEV-0133|Iran|LYCEUM, HEXANE| -|Storm-0216|DEV-0216|Financially motivated|Twisted Spider, UNC2198| -|Storm-0257|DEV-0257|Group in development|UNC1151| -|Storm-0324|DEV-0324|Financially motivated|TA543, Sagrid| -|Storm-0381|DEV-0381|Financially motivated|| -|Storm-0530|DEV-0530|North Korea|H0lyGh0st| +|Storm-0062||China|DarkShadow, Oro0lxy| +|Storm-0133||Iran|LYCEUM, HEXANE| +|Storm-0216||Financially motivated|Twisted Spider, UNC2198| +|Storm-0257||Group in development|UNC1151| +|Storm-0324||Financially motivated|TA543, Sagrid| +|Storm-0381||Financially motivated|| +|Storm-0530||North Korea|H0lyGh0st| |Storm-0539||Financially motivated|| |Storm-0558||China||-|Storm-0569|DEV-0569|Financially motivated|| -|Storm-0587|DEV-0587|Russia|SaintBot, Saint Bear, TA471| -|Storm-0744|DEV-0744|Financially motivated|| -|Storm-0829|DEV-0829|Group in development|Nwgen Team| +|Storm-0569||Financially motivated|| +|Storm-0587||Russia|SaintBot, Saint Bear, TA471| +|Storm-0744||Financially motivated|| +|Storm-0784||Iran|| +|Storm-0829||Group in development|Nwgen Team| |Storm-0835||Group in development|EvilProxy|-|Storm-0867|DEV-0867|Egypt|Caffeine| -|Storm-0971|DEV-0971|Financially motivated|(Merged into Octo Tempest)| -|Storm-0978|DEV-0978|Group in development|RomCom, Underground Team| -|Storm-1044|DEV-1044|Financially motivated|Danabot| -|Storm-1084|DEV-1084|Iran|DarkBit| +|Storm-0842||Iran|| +|Storm-0861||Iran|| +|Storm-0867||Egypt|Caffeine| +|Storm-0971||Financially motivated|(Merged into Octo Tempest)| +|Storm-0978||Group in development|RomCom, Underground Team| +|Storm-1044||Financially motivated|Danabot| +|Storm-1084||Iran|DarkBit| |Storm-1099||Russia||-|Storm-1101|DEV-1101|Group in development|NakedPages| -|Storm-1113|DEV-1113|Financially motivated|| +|Storm-1101||Group in development|NakedPages| +|Storm-1113||Financially motivated|| |Storm-1133||Palestinian Authority|| |Storm-1152||Financially motivated||-|Storm-1167|DEV-1167|Indonesia|| +|Storm-1167||Indonesia|| |Storm-1283||Group in development|| |Storm-1286||Group in development||-|Storm-1295|DEV-1295|Group in development|Greatness| +|Storm-1295||Group in development|Greatness| +|Storm-1364||Iran|| |Storm-1567||Financially motivated|Akira| |Storm-1575||Group in development|Dadsec| |Storm-1674||Financially motivated||-|Strawberry Tempest|DEV-0537|Financially motivated|LAPSUS$| -|Sunglow Blizzard|DEV-0665|Russia|| +|Strawberry Tempest||Financially motivated|LAPSUS$| +|Sunglow Blizzard||Russia|| |Tomato Tempest|SPURR|Financially motivated|Vatet| |Vanilla Tempest|DEV-0832|Financially motivated|| |Velvet Tempest|DEV-0504|Financially motivated|| TANames }; GetThreatActorAlias("ZINC") ```+ The following files containing the comprehensive mapping of old threat actor names with their new names are also available: - [JSON format](https://github.com/microsoft/mstic/blob/master/PublicFeeds/ThreatActorNaming/MicrosoftMapping.json)-- [downloadable Excel](https://download.microsoft.com/download/4/5/2/45208247-c1e9-432d-a9a2-1554d81074d9/microsoft-threat-actor-list.xlsx)+- [downloadable Excel](https://download.microsoft.com/download/4/5/2/45208247-c1e9-432d-a9a2-1554d81074d9/microsoft-threat-actor-list.xls) |
syntex | Ocr Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/ocr-overview.md | For example, you enable the OCR service and then add image files to your documen |SharePoint and OneDrive |.bmp, .png, .jpeg, .jpg, .jfif, .arw, .cr2, .crw, .erf, .gif, .mef, .mrw, .nef, .nrw, .orf, .pef, .raw, .rw2, .rw1, .sr2, .tif, .tiff, .heic, .heif, .ari, .bay, .cap, .cr3, .dcs, .dcr, .drf, .eip, .fff, .iiq, .k25, .kdc, .mef, .mos, .ptx, .pxn, .raf, .rwl, .sr2, .srf, .srw, .x3f, .dng, .tiff, and .pdf (image only) | |Teams, Exchange, and Windows devices |.bmp, .png, .jpeg, .jpg, .tiff, and .pdf (image only) | +> [!NOTE] +> When you apply OCR to an image file, the text is stored in the **Extracted text** metadata column. When you apply OCR to a PDF or TIFF file, the extracted text is indexed in search but not available in the metadata column. + ### Supported languages The OCR service supports more than [150 languages](/azure/cognitive-services/language-support). The OCR service supports multiple solutions, as shown in the following table. Fo ### File limitations -- Image file sizes must be less than 50 MB.+- Images must be less than 50 MB. - Images must be at least 50 x 50 pixels and not larger than 16,000 x 16,000 pixels. -- Only images uploaded after OCR has been enabled are scanned.+- Images uploaded after OCR has been enabled are the only images that are scanned. -- Currently, images that are embedded in Office documents aren't supported.+- Images that are embedded in Office documents aren't supported. |
syntex | Translation | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/syntex/translation.md | To create a translated version of a document, follow these steps: ![Screenshot showing the translation confirmation screen.](../media/content-understanding/translation-confirmation.png) + It can take several minutes for the translated file to be created. When the process is completed, the translated file will appear in the document library. + If you try to submit a duplicate translation request before the file has finished processing, you'll receive a message telling you to wait a few minutes before trying again. ![Screenshot showing the message to wait a few minutes and trying again.](../media/content-understanding/translation-wait-message.png) |
test-base | Overview | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/test-base/overview.md | f1.keywords: NOCSH # What is Test Base for Microsoft 365? +> [!IMPORTANT] +> **Test Base for Microsoft 365 will transition to end-of-life (EOL) on May 31, 2024.** We're committed to working closely with each customer to provide support and guidance to make the transition as smooth as possible. If you have any questions, concerns, or need assistance, [submit a support request](https://aka.ms/TestBaseSupport). + Test Base is an Azure service that enables data-driven application testing for users anywhere in the world. The following institutions are best fit to onboard their applications, binaries, and test scripts to Test Base for Microsoft 365: Enterprise/Businesses, Independent Software Publishers, System Integrators (SIs), and IT Professionals who want to validate their line-of-business (LOB) applications through integration with Microsoft Intune. |