+You can also export the report data into an Excel .csv file by selecting the **Export** link. This exports data of all users and enables you to do simple sorting and filtering for further analysis. If you have less than 2000 users, you can sort and filter within the table in the report itself. If you have more than 2000 users, in order to filter and sort, you'll need to export the data.

+|Number of survey responses <br/> |The number of responses from responders to whom the survey was distributed.|

+You can also export the report data into an Excel .csv file by selecting the **Export** link. This exports data of all users and enables you to do simple sorting and filtering for further analysis. If you have less than 2000 users, you can sort and filter within the table in the report itself. If you have more than 2000 users, in order to filter and sort, you'll need to export the data. The exported format for **audio time**, **video time**, and **screen share time** follows ISO8601 duration format.

+You can also export the report data into an Excel .csv file by selecting the **Export** link. This exports data of all users and enables you to do simple sorting and filtering for further analysis. If you have less than 2000 users, you can sort and filter within the table in the report itself. If you have more than 2000 users, in order to filter and sort, you'll need to export the data.

+As a Microsoft 365 admin, the Reports dashboard shows you the activity overview across various products in your organization. It enables you to drill in to get more granular insight about the activities specific to each product. Check out the [activity reports in the Microsoft 365 admin center](activity-reports.md).

+## How do I get to the SharePoint activity report?

+You can also export the report data into an Excel .csv file by selecting the **Export** link. This exports data of all users and enables you to do simple sorting and filtering for further analysis. If you have less than 2000 users, you can sort and filter within the table in the report itself. If you have more than 2000 users, in order to filter and sort, you'll need to export the data.

+You can also export the report data into an Excel .csv file by selecting the **Export** link. This exports data of all users and enables you to do simple sorting and filtering for further analysis. If you have less than 2000 users, you can sort and filter within the table in the report itself. If you have more than 2000 users, in order to filter and sort, you'll need to export the data.

+|Connected to Office 365 <br/> |Indicates whether the Yammer group is also a Microsoft 365 group. <br/> |

+| Require multi-factor authentication for admins | It's actually a good idea to require MFA for all of your users, but admins should definitely be required to use MFA to sign in. MFA makes users enter a second method of identification to verify they're who they say they are. Admins can have access to much of customer and employee data and if you require MFA, even if the admin's password gets compromised, the password is useless without the second form of identification. <br><br>When you turn on MFA, the next time the user signs in, they'll need to provide an alternate email address and phone number for account recovery. <br> [Set up multi-factor authentication](../security-and-compliance/set-up-multi-factor-authentication.md) |

+If you get a message in the admin center telling you that you don't have permissions to edit a setting or page, it's because you're assigned a role that doesn't have that permission.

+If you're working with a Microsoft partner, you can assign them admin roles. They, in turn, can assign users in your company, or their company, admin roles. You might want them to do this, for example, if they're setting up and managing your online organization for you.

+- **Admin Agent** Privileges equivalent to a global admin, except for managing multi-factor authentication through the Partner Center.

+If you're working with a Microsoft partner, you can assign them admin roles. They, in turn, can assign users in your company - or their company - admin roles. You might want them to do this, for example, if they're setting up and managing your online organization for you.

+- Full administration, which has privileges equivalent to a global admin, except for managing multi-factor authentication through the Partner Center.

+When you delete a user, the account becomes inactive for approximately 30 days. You've until then to restore the account before it's permanently deleted.

+|Terminate a session and block access to future sessions (for all protocols)|Disable the account. For example, in the Exchange admin center or using PowerShell: <p> `Set-Mailbox user@contoso.com -AccountDisabled:$true`|

+|Terminate the session for a particular protocol (such as ActiveSync)|Disable the protocol. For example, in the Exchange admin center or using PowerShell: <p> `Set-CASMailbox user@contoso.com -ActiveSyncEnabled:$false`|

+4. Enter an email address the user can get to, so they receive the new password, and follow up with them to make sure they got it.

+If you're in China, Office 365 operated by 21Vianet is designed to meet the needs for secure, reliable, and scalable cloud services in China. This service is powered by technology that Microsoft has licensed to 21Vianet. Microsoft doesn't operate the service itself. 21Vianet operates, provides, and manages delivery of the service. 21Vianet is the largest carrier-neutral Internet data center services provider in China, providing hosting, managed network services, and cloud computing infrastructure services. By licensing Microsoft technologies, 21Vianet operates local Microsoft datacenters to provide you the ability to use Microsoft services while keeping your data within China. 21Vianet also provides your subscription and billing services, and support.

+ - **Country** where the services will be used. You **won't** be able to change the country later, even during the sign-up process; you'll have to restart the sign-up wizard.

+Both Basic Mobility and Security and Intune are included in various plans, described in the following table.

+|Mobile application protection |Enable your users to securely access corporate information using the Office mobile and line-of-business apps they know, while ensuring security of data by helping to restrict actions like copy, cut, paste, and save as, to only those apps managed approved for corporate data. Works even if the devices aren't enrolled to Basic Mobility and Security. See Protect app data using MAM policies. |No|Yes|

+You can manage and secure mobile devices when they're connected to your Microsoft 365 organization by using Basic Mobility and Security. Mobile devices like smartphones and tablets that are used to access work email, calendar, contacts, and documents play a significant part in making sure that employees get their work done anytime, from anywhere. So itΓÇÖs critical that you help protect your organization's information when people use devices. You can use Basic Mobility and Security to set device security policies and access rules, and to wipe mobile devices if theyΓÇÖre lost or stolen.

+- Make sure that the device isn't already enrolled with another mobile device management provider, such as Intune.

+ - Make sure that Safari is the default browser on the device, and that cookies aren't disabled.

+- If you're using a community feedback experience, Microsoft will prioritize feedback that high volumes of our users are experiencing or requesting. You can see if feedback you want to provide already exists by searching to browse existing feedback to see if your feedback has already been mentioned by someone in the community. ItΓÇÖs possible that you have the same feedback as someone else, and you can add your voice to the existing feedback rather than creating a copy of it. If you canΓÇÖt find feedback like yours, itΓÇÖs time to add new feedback

+- If youΓÇÖre experiencing an issue, try to describe the steps you took that caused that issue to occur. ItΓÇÖs great to know if the problem is intermittent or happens every time, so our product teams can take a look at it and try to reproduce the problem. If you're using Windows Feedback Hub and your diagnostic settings allow it, you can use the ΓÇ£Recreate my problemΓÇ¥ feature to attach screenshots and diagnostic logs as you reproduce the issue youΓÇÖre facing. Typically, more details are better. If you're using an app and it tends to crash every time an action is performed, include that in your description in addition to telling us that the application is crashing.

+- Whenever you provide feedback, remember not to provide any identifiable information such as phone numbers or email addresses, and make sure to avoid leaving personal information in any screenshots you attach. Feedback submitted on community platforms can be seen by other users, and you wouldn't want to expose personal data.

+- When you're finished submitting your feedback, you can log into the Feedback portal to view feedback you previously sent to Microsoft and see the status of that feedback. If you provided feedback on Windows Feedback Hub, you can open the app and view your My Feedback section to see the status of your feedback.

+Depending on the platform and application, you may be able to submit additional logs and screenshots. These are helpful for the product teams at Microsoft to understand your feedback, so please include screenshots and logs when possible.

+If you're using [Feedback](https://feedbackportal.microsoft.com/), you can provide feedback directly within the web portal. Community feedback allows you to browse or vote on feedback from the community. Community feedback is publicly displayed within different forums. Your user name will be displayed by feedback you submit publicly or comments you provide.

+Selecting a forum allows you to see all feedback related to that product, and you can upvote or comment on feedback that matches yours. If you don't see feedback that is similar to your own, you can submit new feedback through the portal itself.

+If you're using Windows Feedback Hub, you can provide feedback from within the Feedback Hub application. For more details on using Feedback Hub, you can [read this article](/windows-insider/feedback). Feedback Hub allows you to also view feedback from other users in the community directly from your Windows device. You may also browse, upvote, or comment on existing feedback, or submit your own using the new feedback form to provide bug reports or feature suggestions.

+If you submitted feedback publicly on the Feedback web portal that you wish to delete, you can remove it by navigating to your My Feedback section. Then, select the feedback item you wish to delete, and select ΓÇ£Delete.ΓÇ¥ You'll be presented with a warning that deleting feedback is irreversible, and that by removing your feedback it will remove all comments, votes, flags, and follows associated with it.

+Once your feedback is sent to Microsoft, it's routed to the relevant product teams who can review it. We look at new feedback that comes in to evaluate if other users have reported similar feedback, and we try to group these similar feedback reports together to surface the most impactful issues and help prioritize future work.

+Through Windows Feedback Hub and the Feedback web portal, Microsoft has the ability to update the status of your feedback and respond to it. We canΓÇÖt promise to respond to every single feedback report, but we do try to evaluate all feedback that comes in to help prioritize product changes.

+You'll see each feedback card on the feedback portal tagged with one of the statuses below. You can find this status tag as shown in the screenshot below.

+If you submitted feedback related to an issue, you were facing and the product team has started investigation the feedback status would move to this.

+**WeΓÇÖre working on this** We're working on a change in the product to address your feedback.

+Your feedback will move to this status when we canΓÇÖt take any next steps with it because it was irrelevant to our products or violates our code of conduct. Typically the Microsoft response will clarify why it was closed.

+Your feedback would move to this status when the product team has reviewed your feedback and determined that there's either a workaround to the issue you're facing or your ask is already implemented in the product. Typically the Microsoft response will contain more information on what you can do to self-help.

+Moderation of community feedback may be performed by Microsoft employees or approved vendors. Feedback that violates the Feedback Code of Conduct may be hidden from the public view, but Microsoft won't delete this data outside of our data retention policies.

+Here's a list of Microsoft Cloud Solution Providers in Russia.

+Passwords are the most common method of authenticating a sign-in to a computer or online service, but they're also the most vulnerable. People can choose easy passwords and use the same passwords for multiple sign-ins to different computers and services.

+To provide an extra level of security for sign-ins, you must use multifactor authentication (MFA), which uses both a password, which should be strong, and an additional verification method based on:

+- Something you have with you that isn't easily duplicated, such as a smart phone.

+The additional verification method isn't employed until after the user's password has been verified. With MFA, even if a strong user password is compromised, the attacker doesn't have your smart phone or your fingerprint to complete the sign-in.

+In both cases, the MFA sign-in is using the "something you have with you that isn't easily duplicated" method for the additional verification. There are multiple ways in which you can enable MFA for Microsoft 365 and Office 365:

+|All Microsoft 365 plans|Use security defaults, which require MFA for all user accounts. <p> You can also configure per-user MFA on individual user accounts, but this isn't recommended.|Small business|

+This policy allows you to require MFA based on group membership, rather than trying to configure individual user accounts for MFA when they're assigned or unassigned from these administrator roles.

+You should be using either security defaults or Conditional Access policies to require MFA for your user account sign-ins. However, if either of these canΓÇÖt be used, Microsoft strongly recommends MFA for user accounts that have administrator roles, especially the global administrator role, for any size subscription.

+After being enabled, the next time the user signs in, they'll be prompted to register for MFA and to choose and test the additional verification method.

+|**Legacy per-user MFA (not recommended)**|Overrides security defaults and Conditional Access policies requiring MFA at each sign-in|Overridden by security defaults and Conditional Access policies|User-specified during MFA registration|

+5. After you've reviewed your settings, select **Create this policy** or **Save**, as appropriate.

+|Description|Ensure most important staff and our domain aren't being impersonated.|

+People regularly send, receive, and share attachments, such as documents, presentations, spreadsheets, and more. It's not always easy to tell whether an attachment is safe or malicious just by looking at an email message. Microsoft Defender for Office 365 includes Safe Attachment protection, but this protection isn't turned on by default. We recommend that you create a new rule to begin using this protection. This protection extends to files in SharePoint, OneDrive, and Microsoft Teams.

+5. After you've reviewed your settings, select **Create this policy** or **Save**, as appropriate.

+If you've previously turned on per-user MFA, you must turn it off before enabling Security defaults.

+If you have been using [baseline Conditional Access policies](/azure/active-directory/conditional-access/concept-baseline-protection), you'll be prompted to turn them off before you move to using security defaults.

+For most subscriptions modern authentication is automatically turned on, but if you purchased your subscription before August 2017, it's likely that you'll need to turn on Modern Authentication in order to get features like Multifactor Authentication to work in Windows clients like Outlook.

+## May 2022

+<!-- ### Role based access controls (RBAC)

+There are new Azure AD built-in roles in the Microsoft 365 admin center. Give admins only the access they need to manage Virtual Visits.

+There are also 4 new roles in the Microsoft 365 admin center centered around management of custom security attributes. These roles are available for everyone to use in the Role assignments node under Roles.

+For more information about Azure AD built-in roles, see [Azure AD built-in roles](/azure/active-directory/roles/permissions-reference).

+**Virtual Visits Administrator** Manage and share Virtual Visits information and metrics from admin centers or the Virtual Visits app.

+**Attribute Assignment Administrator** Assign custom security attribute keys and values to supported Azure AD objects.

+**Attribute Assignment Reader** Reads custom security attribute keys and values for supported Azure AD objects.

+**Attribute Definition Administrator** Define and manage the definition of custom security attributes.

+**Attribute Definition Reader** Reads the definition of custom security attributes. -->

+### Quick Assist

+We've moved Quick Assist to the Windows Store to enhance the performance and security of the app. The Windows Quick Assist app allows you and your end-users to receive or provide PC assistance over a remote connection.

+With the new Quick Assist Store app, you should see a significant improvement in passcode generation times and a reduction in application errors.

+For more information, see [Solve PC problems over a remote connection](https://support.microsoft.com/windows/solve-pc-problems-over-a-remote-connection-b077e31a-16f4-2529-1a47-21f6a9040bf3) and [Install Quick Assist](https://support.microsoft.com/windows/install-quick-assist-c17479b7-a49d-4d12-938c-dbfb97c88bca)

+ Title: "Add a marketing campaign ID to a Bookings page URL"

+audience: Admin

+ms.localizationpriority: medium

+description: "How to add a campaign ID to a Bookings page URL"

+# Add a marketing campaign ID to a Bookings page URL

+Keep track of your Bookings marketing campaigns by adding a campaign ID to the end of your Booking page URL.

+Use a campaign ID to see how your marketing campaigns are doing. Add a campaign ID you choose to the end of your Bookings page URL and use the campaign ID in your different marketing platforms to see which of your campaigns are connecting with customers.

+## Add campaign ID

+1. In Microsoft 365, select the App launcher, and then select **Bookings**.

+2. Choose your calendar and in the left navigation pane, select **Booking page** and copy your booking page URL and paste it into a text editing program, like Notepad.

+ :::image type="content" source="../media/copy-booking-page-url.png" alt-text="Screenshot: Copy Bookings page URL so you can add a campaign ID for marketing":::

+3. Add a campaign ID to the end of the Booking page URL. For example, if your booking page URL looks like this, [https://outlook.office365.com/owa/calendar/TailspinToys@contosopetscom.onmicrosoft.com/bookings/](https://outlook.office365.com/owa/calendar/TailspinToys@contosopetscom.onmicrosoft.com/bookings/), you would choose an ID to add to the end. For example, if you wanted to track your booking details from your Twitter page, you could add Twitter to the end of the URL. The new URL that you would add to your Twitter page would look like this: [https://outlook.office365.com/owa/calendar/TailspinToys@contosopetscom.onmicrosoft.com/bookings/?RefID=Twitter](https://outlook.office365.com/owa/calendar/TailspinToys@contosopetscom.onmicrosoft.com/bookings/?RefID=Twitter). Use different campaign IDs to track the marketing campaigns you're running.

+> [!NOTE]

+> Characters in the campaign ID must be one of the following: alphanumeric characters, underscore or hyphen. Make sure you test your Campaign ID url by copying and pasting into a web browser.

+## Track campaign IDs

+You can track how your campaigns are doing by downloading a report (TSV file) that shows you the last four months of activities of your Bookings calendar. The TSV file will show you four months of data, but you can select different four month periods over the course of a year. For more information on how to download the report, see [Reporting info for Bookings](reporting-info.md).

+- **Tracking data** Track the metrics for the campaign IDs you're using in your marketing campaigns.

+The policies you set here are the top-level policies. They're automatically applied to all the services you offer unless you choose to modify them on a per-service basis. For example, let's say that for most services, such as initial consultations, one-day notice for cancellations is acceptable. But for those services that require facility reservations or fees, such as golf lessons, you might require three days' notice. You can set this service-level policy on the Services page. See [Define your service offerings](define-service-offerings.md) for instructions.

+Bookings can be turned on or off for your entire organization or for specific users. When you turn on Bookings for users, they can create a Bookings page, create a calendar, and allow other people to book time with them. This article is for owners and administrators who manage Bookings for their organizations.

+- Perpetual software, or software that is directly assigned to a user if there's no license involved.

+The allotments feature is available in a private preview to only a few customers. If you're interested in joining, fill out this form: [https://aka.ms/allotment-pilot-signup](https://aka.ms/allotment-pilot-signup).

+You can choose to maintain the same functionality you had with E4 or take advantage of new features and functionality from Microsoft 365 and Microsoft 365 Audio Conferencing. To move to a new plan, you have five options.

+- Microsoft Business Basic subscription

+- Microsoft 365 Apps for Business subscription

+- Microsoft 365 Enterprise E3 subscription

+- Microsoft 365 Business Premium

+- Microsoft 365 Education A3 subscription

+- Microsoft 365 Government G3 subscription

+- Microsoft 365 Government G1 subscription

+- Microsoft 365 Frontline F1 or F3 subscription, or F5 Security add-on

+ - Enabling the auditing of crucial events and then turning on the Audit (Premium) app/service plan for those users.

+Any 16-digit string isn't necessarily a credit card number, it could be a ticket number from a help desk system, or a serial number of a piece of hardware. To tell the difference between a credit card number and a harmless 16-digit string, a calculation is performed (checksum) to confirm that the numbers match a known pattern from the various credit card brands.

+Choose the locations that the policy will apply to. DLP policies can apply to Exchange Online, SharePoint Online, and OneDrive for Business. I'm going to leave this policy configured to apply to all locations.

+To demonstrate TFN detection in a rather blunt manner, an email with the words "Tax file number" and a nine digit string in close proximity will sail through without any issues. The reason it doesn't trigger the DLP policy is that the nine digit string must pass the checksum that indicates it's a valid TFN and not just a harmless string of numbers.

+If you leave your DLP policy in test mode and analyze the incident report emails, you can start to get a feel for the accuracy of the DLP policy and how effective it will be when it's enforced. In addition to the incident reports, you can [use the DLP reports](view-the-dlp-reports.md) to see an aggregated view of policy matches across your tenant.

+- User overrides determine whether users can choose to proceed with their email or file sharing anyway.

+DLP policy templates aren't perfect straight out of the box. It's likely that you'll find some false positives occurring in your environment, which is why it's so important to ease your way into a DLP deployment, taking the time to adequately test and tune your policies.

+Here's an example of a false positive. This email is harmless. The user is providing their mobile phone number to someone, and including their email signature.

+- You can enable/disable notifications with a policy tip.

+3. In the list of mailboxes, select the user to enable their mailbox for archive, and then select the **Enable archive** option:

+

+

+|Email in transit between recipients. This email includes email hosted by Exchange Online. <br/> |Microsoft Purview Message Encryption with Azure Rights Management, S/MIME, and TLS for email in transit <br/> |[Message Encryption](ome.md) <br/> [Email encryption in Office 365](email-encryption.md) <br/> [How Exchange Online uses TLS to secure email connections in Office 365](exchange-online-uses-tls-to-secure-email-connections.md) <br/> |

+- If you are using a named entity SIT, like All Full Names, to help find US Social Security numbers, use larger instance counts such as 10 or 50. Then when both the person names and the SSNs are detected together, you're more likely to get true positives.

+1. Create a sensitivity auto-labeling policy that uses the SIT from step 1 and with same Conditions and Exceptions that will be used in your DLP policy

+> [!TIP]

+> For better performance, you can use server closer to your geo location:

+>

+> [!NOTE]

+## Week of May 16, 2022

+| Published On |Topic title | Change |

+|||--|

+| 5/16/2022 | [Delete an inactive mailbox](/microsoft-365/compliance/delete-an-inactive-mailbox?view=o365-21vianet) | modified |

+| 5/16/2022 | [Recover an inactive mailbox](/microsoft-365/compliance/recover-an-inactive-mailbox?view=o365-21vianet) | modified |

+| 5/16/2022 | [Restore an inactive mailbox](/microsoft-365/compliance/restore-an-inactive-mailbox?view=o365-21vianet) | modified |

+| 5/16/2022 | [Reprovision a Windows 365 Cloud PC](/microsoft-365/lighthouse/m365-lighthouse-reprovision-cloudpc?view=o365-21vianet) | added |

+| 5/16/2022 | [Automatically apply a sensitivity label in Microsoft 365](/microsoft-365/compliance/apply-sensitivity-label-automatically?view=o365-21vianet) | modified |

+| 5/16/2022 | [Microsoft Defender for Office 365 in Microsoft 365 Defender](/microsoft-365/security/defender/microsoft-365-security-center-mdo?view=o365-21vianet) | modified |

+| 5/16/2022 | [Create exact data match sensitive information type/rule package](/microsoft-365/compliance/sit-get-started-exact-data-match-create-rule-package?view=o365-21vianet) | modified |

+| 5/16/2022 | [Create the schema for exact data match based sensitive information types](/microsoft-365/compliance/sit-get-started-exact-data-match-create-schema?view=o365-21vianet) | modified |

+| 5/16/2022 | [Lightweight base configuration](/microsoft-365/enterprise/lightweight-base-configuration-microsoft-365-enterprise?view=o365-21vianet) | modified |

+| 5/16/2022 | [Microsoft Defender for Business frequently asked questions](/microsoft-365/security/defender-business/mdb-faq?view=o365-21vianet) | modified |

+| 5/16/2022 | [What is Microsoft Defender for Business?](/microsoft-365/security/defender-business/mdb-overview?view=o365-21vianet) | modified |

+| 5/16/2022 | [Overview of endpoint detection and response capabilities](/microsoft-365/security/defender-endpoint/overview-endpoint-detection-response?view=o365-21vianet) | modified |

+| 5/16/2022 | [Take response actions on a device in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/respond-machine-alerts?view=o365-21vianet) | modified |

+| 5/16/2022 | [Anti-phishing policies](/microsoft-365/security/office-365-security/set-up-anti-phishing-policies?view=o365-21vianet) | modified |

+| 5/16/2022 | [Web content filtering](/microsoft-365/security/defender-endpoint/web-content-filtering?view=o365-21vianet) | modified |

+| 5/17/2022 | Use customer-managed keys to encrypt your organization's auditing data | removed |

+| 5/17/2022 | [Lightweight base configuration](/microsoft-365/enterprise/lightweight-base-configuration-microsoft-365-enterprise?view=o365-21vianet) | modified |

+| 5/17/2022 | [Disposition of content](/microsoft-365/compliance/disposition?view=o365-21vianet) | modified |

+| 5/17/2022 | [Form processing overview in Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/form-processing-overview) | modified |

+| 5/18/2022 | [Microsoft 365 encryption chains](/microsoft-365/compliance/encryption-office-365-certificate-chains?view=o365-21vianet) | modified |

+| 5/18/2022 | [Manage devices with Intune](/microsoft-365/solutions/manage-devices-with-intune-overview?view=o365-21vianet) | modified |

+| 5/18/2022 | [Increase threat protection for Microsoft 365 for business](/microsoft-365/admin/security-and-compliance/increase-threat-protection?view=o365-21vianet) | added |

+| 5/18/2022 | [Set the password expiration policy for your organization](/microsoft-365/admin/manage/set-password-expiration-policy?view=o365-21vianet) | modified |

+| 5/18/2022 | [Manage Customer Key](/microsoft-365/compliance/customer-key-manage?view=o365-21vianet) | modified |

+| 5/18/2022 | [What's new in Microsoft Defender for Office 365](/microsoft-365/security/office-365-security/whats-new-in-defender-for-office-365?view=o365-21vianet) | modified |

+| 5/18/2022 | [Create an extractor Microsoft SharePoint Syntex](/microsoft-365/contentunderstanding/create-an-extractor) | modified |

+| 5/18/2022 | [Visit the Action center to see remediation actions](/microsoft-365/security/defender-endpoint/auto-investigation-action-center?view=o365-21vianet) | modified |

+| 5/18/2022 | [Use automated investigations to investigate and remediate threats](/microsoft-365/security/defender-endpoint/automated-investigations?view=o365-21vianet) | modified |

+| 5/18/2022 | [Automation levels in automated investigation and remediation](/microsoft-365/security/defender-endpoint/automation-levels?view=o365-21vianet) | modified |

+| 5/18/2022 | [Configure automated investigation and remediation capabilities](/microsoft-365/security/defender-endpoint/configure-automated-investigations-remediation?view=o365-21vianet) | modified |

+| 5/18/2022 | [Get started with troubleshooting mode in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/enable-troubleshooting-mode?view=o365-21vianet) | modified |

+| 5/18/2022 | [Review remediation actions following automated investigations](/microsoft-365/security/defender-endpoint/manage-auto-investigation?view=o365-21vianet) | modified |

+| 5/18/2022 | Anti-spam and anti-malware protection | removed |

+| 5/19/2022 | [Get Microsoft Defender for Business](/microsoft-365/security/defender-business/get-defender-business?view=o365-21vianet) | modified |

+| 5/19/2022 | [Configure alert notifications in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/configure-email-notifications?view=o365-21vianet) | modified |

+| 5/19/2022 | [Configure vulnerability email notifications in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/configure-vulnerability-email-notifications?view=o365-21vianet) | modified |

+| 5/19/2022 | [Microsoft Defender Vulnerability Management public preview](/microsoft-365/security/defender-vulnerability-management/get-defender-vulnerability-management?view=o365-21vianet) | modified |

+| 5/19/2022 | [Apply encryption using sensitivity labels](/microsoft-365/compliance/encryption-sensitivity-labels?view=o365-21vianet) | modified |

+| 5/19/2022 | Add users and assign licenses in Microsoft Defender Vulnerability Management | removed |

+| 5/19/2022 | [Microsoft recommendations for EOP and Defender for Office 365 security settings](/microsoft-365/security/office-365-security/recommended-settings-for-eop-and-office365?view=o365-21vianet) | modified |

+| 5/20/2022 | [View an enterprise Cloud PC failed network connection in Microsoft 365 Lighthouse](/microsoft-365/lighthouse/m365-lighthouse-view-failed-network-connections?view=o365-21vianet) | added |

+| 5/20/2022 | [GDPR simplified: A guide for your small business](/microsoft-365/admin/security-and-compliance/gdpr-compliance?view=o365-21vianet) | modified |

+| 5/20/2022 | [Create and publish sensitivity labels](/microsoft-365/compliance/create-sensitivity-labels?view=o365-21vianet) | modified |

+| 5/20/2022 | [Customer-managed encryption features](/microsoft-365/compliance/office-365-customer-managed-encryption-features?view=o365-21vianet) | modified |

+| 5/20/2022 | [Microsoft 365 informed network routing](/microsoft-365/enterprise/office-365-network-mac-perf-cpe?view=o365-21vianet) | modified |

+| 5/20/2022 | [Network connectivity in the Microsoft 365 Admin Center](/microsoft-365/enterprise/office-365-network-mac-perf-overview?view=o365-21vianet) | modified |

+| 5/20/2022 | [Use the Page Diagnostics tool for SharePoint Online](/microsoft-365/enterprise/page-diagnostics-for-spo?view=o365-21vianet) | modified |

+| 5/20/2022 | [Performance troubleshooting plan for Office 365](/microsoft-365/enterprise/performance-troubleshooting-plan?view=o365-21vianet) | modified |

+| 5/20/2022 | [Step 2. Protect your Microsoft 365 privileged accounts](/microsoft-365/enterprise/protect-your-global-administrator-accounts?view=o365-21vianet) | modified |

+| 5/20/2022 | [Using Content Search Web Part instead of Content Query Web Part to improve performance in SharePoint Online](/microsoft-365/enterprise/using-content-search-web-part-instead-of-content-query-web-part-to-improve-perfo?view=o365-21vianet) | modified |

+| 5/20/2022 | [View email security reports](/microsoft-365/security/office-365-security/view-email-security-reports?view=o365-21vianet) | modified |

+| 5/20/2022 | [Validate app protection settings on Android or iOS devices](/microsoft-365/business-premium/m365bp-validate-settings-on-android-or-ios?view=o365-21vianet) | renamed |

+| 5/20/2022 | [Validate app protection settings for Windows 10 PCs](/microsoft-365/business-premium/m365bp-validate-settings-on-windows-10-pcs?view=o365-21vianet) | renamed |

+| 5/20/2022 | [Set app protection settings for Android or iOS devices](/microsoft-365/business-premium/m365bp-app-protection-settings-for-android-and-ios?view=o365-21vianet) | modified |

+| 5/20/2022 | [Enable domain-joined Windows 10 devices to be managed by Microsoft 365 for business](/microsoft-365/business-premium/m365bp-manage-windows-devices?view=o365-21vianet) | modified |

+| 5/20/2022 | [Set up multi-factor authentication for Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-multifactor-authentication?view=o365-21vianet) | modified |

+| 5/20/2022 | [Prepare for Office client deployment with Microsoft 365 Business Premium](/microsoft-365/business-premium/m365bp-prepare-for-office-client-deployment?view=o365-21vianet) | modified |

+| 5/20/2022 | Edit or create device protection settings for Windows 10 PCs | removed |

+| 5/20/2022 | [View or edit device protection policies](/microsoft-365/business-premium/m365bp-view-edit-create-mdb-policies?view=o365-21vianet) | modified |

+| 5/20/2022 | [Working with improvement actions in Microsoft Purview Compliance Manager](/microsoft-365/compliance/compliance-manager-improvement-actions?view=o365-21vianet) | modified |

+| 5/20/2022 | [Get started with content explorer](/microsoft-365/compliance/data-classification-content-explorer?view=o365-21vianet) | modified |

+| 5/20/2022 | [Send email notifications and show policy tips for DLP policies](/microsoft-365/compliance/use-notifications-and-policy-tips?view=o365-21vianet) | modified |

+| 5/20/2022 | [Cross-tenant mailbox migration](/microsoft-365/enterprise/cross-tenant-mailbox-migration?view=o365-21vianet) | modified |

+| 5/20/2022 | [Office 365 URLs and IP address ranges](/microsoft-365/enterprise/urls-and-ip-address-ranges?view=o365-21vianet) | modified |

+| 5/20/2022 | [Apply Microsoft Defender Antivirus protection updates to out of date endpoints](/microsoft-365/security/defender-endpoint/manage-outdated-endpoints-microsoft-defender-antivirus?view=o365-21vianet) | modified |

+| 5/20/2022 | Microsoft Defender Antivirus on Windows Server | removed |

+| 5/20/2022 | [Learn about trainable classifiers](/microsoft-365/compliance/classifier-learn-about?view=o365-21vianet) | modified |

+| 5/20/2022 | [Protect security settings with tamper protection](/microsoft-365/security/defender-endpoint/prevent-changes-to-security-settings-with-tamper-protection?view=o365-21vianet) | modified |

+| 5/20/2022 | [Anti-malware protection FAQ](/microsoft-365/security/office-365-security/anti-malware-protection-faq-eop?view=o365-21vianet) | modified |

+| 5/20/2022 | [Smart reports and insights](/microsoft-365/security/office-365-security/reports-and-insights-in-security-and-compliance?view=o365-21vianet) | modified |

+> [!NOTE]

+> If you are a US Government customer, please use the URIs listed in [Microsoft Defender for Endpoint for US Government customers](/microsoft-365/security/defender-endpoint/gov#api).

+| Setup Exchange Online Protection and Microsoft Defender for Office 365 | A policy to apply recommended anti-spam, anti-malware, anti-phishing, safe links and safe attachment policies to your tenants Exchange Online mailboxes. |

+If you are a Global or security administrator, you can now host firewall reporting to the [Microsoft 365 Defender portal](https://security.microsoft.com). This feature enables you to view Windows 10, Windows 11, Windows Server 2019, and Windows Server 2022 firewall reporting from a centralized location.

+```powershell

+param (

+ [switch]$remediate

+)

+try {

+ $categories = "Filtering Platform Packet Drop,Filtering Platform Connection"

+ $current = auditpol /get /subcategory:"$($categories)" /r | ConvertFrom-Csv

+ if ($current."Inclusion Setting" -ne "failure") {

+ if ($remediate.IsPresent) {

+ Write-Host "Remediating. No Auditing Enabled. $($current | ForEach-Object {$_.Subcategory + ":" + $_.'Inclusion Setting' + ";"})"

+ $output = auditpol /set /subcategory:"$($categories)" /failure:enable

+ if($output -eq "The command was successfully executed.") {

+ Write-Host "$($output)"

+ exit 0

+ }

+ else {

+ Write-Host "$($output)"

+ exit 1

+ }

+ }

+ else {

+ Write-Host "Remediation Needed. $($current | ForEach-Object {$_.Subcategory + ":" + $_.'Inclusion Setting' + ";"})."

+ exit 1

+ }

+ }

+}

+catch {

+ throw $_

+}

+```

+## 101.68.80 (30.122042.16880.0)

+- Added support for kernel version `2.6.32-754.47.1.el6.x86_64` when running on RHEL 6

+- On RHEL 6, product can now be installed on devices running Unbreakable Enterprise Kernel (UEK)

+- Fixed an issue where the process name was sometimes incorrectly displayed as `unknown` when running `mdatp diagnostic real-time-protection-statistics`

+- Fixed a bug where the product sometimes was incorrectly detecting files inside the quarantine folder

+- Fixed an issue where the `mdatp` command-line tool was not working when `/opt` was mounted as a soft-link

+- Performance improvements & bug fixes

+ - 2.6.32-754.47.1.el6.x86_64

+<li>Get your security intelligence updates in the Windows Security app. <img src="images/defender-updatedefs2.png" alt="Update definitions in Microsoft Defender Antivirus"/>Or,

+| Subscription | Your subscription must include one of the following:<br/>- [Windows 10/11 Enterprise E5](/windows/deployment/deploy-enterprise-licenses)<br/>- [Microsoft 365 E5](https://www.microsoft.com/microsoft-365/enterprise/e5?activetab=pivot%3aoverviewtab)<br/>- Microsoft 365 E5 Security<br/>- [Microsoft 365 E3](https://www.microsoft.com/microsoft-365/enterprise/e3?activetab=pivot%3aoverviewtab)<br/>- [Microsoft Defender for Endpoint Plan 1 or Plan 2](../defender/eval-defender-endpoint-overview.md)<br/>- [Microsoft Defender for Business](../defender-business/mdb-overview.md)<br/>- [Microsoft 365 Business Premium](https://www.microsoft.com/microsoft-365/business/microsoft-365-business-premium)|

+ > If you're using either Microsoft 365 Business Premium or Defender for Business, your web content filtering policy is applied to all users by default. Scoping does not apply.

+The blocking experience for third-party supported browsers is provided by network protection, which provides a system-level message notifying the user of a blocked connection. For a more user-friendly, in-browser experience, consider using Microsoft Edge.

+If you encounter a domain that has been incorrectly categorized, you can dispute the category directly from the Microsoft 365 Defender portal.

+Only Microsoft Edge is supported and network protection is not supported on Windows 10 Azure Virtual Desktop multi-session hosts.

+Network protection does not currently support SSL inspection, which might result in some sites being allowed by web content filtering that would normally be blocked. Sites would be allowed due to a lack of visibility into encrypted traffic after the TLS handshake has taken place and an inability to parse certain redirects. This includes redirections from some web-based mail login pages to the mailbox page. As an accepted workaround, you can create a custom block indicator for the login page to ensure no users are able to access the site. Keep in mind, this might block their access to other services associated with the same website.

+If you are using Microsoft 365 Business Premium or Microsoft Defender for Business, you can define one web content filtering policy for your environment. That policy will apply to all users by default.

+With [Microsoft Defender for Office 365](defender-for-office-365.md), you get [detailed information about automated investigations](air-view-investigation-results.md). However, some organizations also use a custom or third-party reporting solution. If your organization wants to integrate information about [automated investigations](office-365-air.md) with such a solution, you can use the Office 365 Management Activity API.

+**Applies to**

+- [Microsoft Defender for Office 365 plan 2](defender-for-office-365.md)

+**Applies to**

+- [Microsoft Defender for Office 365 plan 2](defender-for-office-365.md)

+**Applies to:**

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)

+In Microsoft 365 organizations with Exchange Online mailboxes, or standalone Exchange Online Protection (EOP) organizations without Exchange Online mailboxes, all messages sent to your organization pass through EOP before users see them. You have options about how to route messages that pass through EOP for processing before they are routed to user mailboxes.

+**Applies to:**

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)

+**Applies to:**

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)

+**Applies to:**

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)

+**Applies to:**

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)

+**Applies to:**

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)

+Security teams can use the smart reports and insights in the Security & Compliance Center to monitor the health and security of their organizations. This information is presented in the **Dashboard** at <https://protection.office.com/insightdashboard>:

+The smart reports and insights on the **Dashboard** have the following capabilities:

+- Highlight problem areas.

+- Recommendations and links to view and explore data.

+- Take quick action.

+For example, if users in your organization are suddenly reporting a high number of email messages as spam, you should verify the settings in your anti-spam policies.

+## Types of reports in the Security & Compliance Center

+The following table list the reports that are available in the **Dashboard**:

+|Type of information|How to get there|Where to go to learn more|

+||||

+|**All up** <p> Top insights and recommendations, and links to available security reports and compliance reports.|<https://protection.office.com/insightdashboard>|[Reports in the Security & Compliance Center](../../compliance/reports-in-security-and-compliance.md)|

+|**Email & collaboration reports** <p> Threat detections, malware trends, top targeted users, details about sent and received email messages, and more.|<https://security.microsoft.com/emailandcollabreport>|[View email security reports](view-email-security-reports.md) <p> [View reports for Defender for Office 365](view-reports-for-mdo.md)|

+|**Explorer** (also referred to as Threat explorer) or **Real-time detections** <p> Suspected malware detected in email and files in Microsoft 365.|<https://security.microsoft.com/threatexplorer> <p> <https://security.microsoft.com/realtimereports>|[Threat Explorer (or real-time detections)](threat-explorer.md)|

+**Applies to:**

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)

+**Applies to:**

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)

+**Applies to:**

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)

+**Applies to:**

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)

+**Applies to:**

+- [Exchange Online Protection](exchange-online-protection-overview.md)

+- [Microsoft Defender for Office 365 plan 1 and plan 2](defender-for-office-365.md)

+- [Microsoft 365 Defender](../defender/microsoft-365-defender.md)