| Category | Microsoft Docs article | Related commit history on GitHub | Change details |
|---|---|---|---|
| business-premium | M365bp Device States | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/m365bp-device-states.md | ms.assetid: c3ac23c5-d4b4-4b1b-b7ce-ea759521bf8c description: "Learn about the various device states in the Device actions list in Admin home in Microsoft 365 for business." -# Device states +# Device states in Microsoft 365 for business This article applies to Microsoft 365 Business Premium. |
| business-premium | M365bp Secure Users | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/m365bp-secure-users.md | search.appverid: description: "Learn how Microsoft 365 Business Premium helps your business with productivity and security." -# How Microsoft 365 Business Premium helps your business +# How Microsoft 365 security recommendations affect your users Microsoft 365 Business Premium is a cost-effective solution that empowers small and medium-sized businesses to work more efficiently and more securely than before. This article describes how Microsoft 365 Business Premium can help your business, and includes these sections: |
| business-premium | Send Encrypted Email | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/send-encrypted-email.md | ms.assetid: 496e690b-b75d-4ff5-bf34-cc32905d0364 description: "Learn how to send encrypted email using Outlook." -# Encrypt or label sensitive email +# Encrypt or label your sensitive email in Microsoft 365 Your data and information is important, and often, confidential. The objective here is to help protect this sensitive information by ensuring everyone is using sensitivity labels so that email recipients treat the information with the utmost sensitivity. |
| business-premium | Set Up Meetings | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/set-up-meetings.md | search.appverid: description: "Set up online meetings with Microsoft Teams in Microsoft Business Premium." -# Set up meetings +# Set up meetings with Microsoft Teams Make sure members of the organization use Microsoft Teams for all meetings. Teams meetings files include audio, video, and sharing, and because they're online, there is always a meeting space and there's no need for a room with a projector! Microsoft Teams meetings are a great way to come together with your staff both inside and outside of your organization. |
| business-premium | Share Files And Videos | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/business-premium/share-files-and-videos.md | search.appverid: description: "Share files and videos inside your campaign with Microsoft Teams and SharePoint. Microsoft 365 Business premium includes Teams which is a great way to safely share files and videos." + # Share files and videos in a safe environment + Another thing to pay attention to is ensuring all members of the organization control who can view and edit files, and that they are stored in a secure location with the proper permissions applied. Microsoft 365 Business Premium users can use Microsoft Teams to store files, and then share the files either inside or outside of the firm, practice or campaign. You can also send a SharePoint link. Sending a link rather than an email attachment means you know who is viewing and modifying the files, and they can't be viewed or modified without permission.  |
| commerce | Change Payment Frequency | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/change-payment-frequency.md | description: "Learn how to change how frequently you're billed for your business Last updated 05/24/2022 -# Change your billing frequency +# Change your Microsoft 365 subscription billing frequency When you buy a subscription, you select a billing frequency. To change how often you are billed for a subscription, use the following steps. |
| commerce | Change Your Billing Addresses | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/change-your-billing-addresses.md | description: "Learn how to update your billing addresses or the email address us Last updated 01/24/2022 -# Change your billing addresses +# Change your Microsoft 365 for business billing addresses Your bill or invoice contains three addresses: |
| commerce | Tax Information | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/tax-information.md | description: "Find out how much tax you will be charged for your Microsoft 365 f Last updated 03/17/2021 -# Tax information +# Microsoft 365 tax information When you buy Microsoft 365 products and services, the taxes that you pay are determined by one of two things: your business address, or your shipping address, if it's different. If your organization is in the United States, you must provide a Federal Employer Identification Number (FEIN). |
| commerce | View Your Bill Or Invoice | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/billing-and-payments/view-your-bill-or-invoice.md | description: "Find your invoice or billing statement in the Microsoft 365 admin Last updated 01/25/2022 -# View your bill or invoice +# View your Microsoft 365 for business subscription bill or invoice This article is for people who have a Microsoft 365 for business subscription. |
| commerce | Buy Or Edit An Add On | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/buy-or-edit-an-add-on.md | description: "Learn how to buy and manage add-ons for your Microsoft 365 for bus Last updated 04/02/2021 -# Buy or manage add-ons +# Buy or manage add-ons for Microsoft 365 business plans Many Microsoft 365 for business plans have add-ons that you can buy for your subscriptions. Add-ons provide more features to enhance your subscription experience. |
| commerce | Close Your Account | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/close-your-account.md | description: "When you close your account with Microsoft all information related Last updated 04/02/2021 -# Close your account +# Close your Microsoft account When you close your account with Microsoft, all information related to your account is deleted. This information includes subscriptions, licenses, payment methods, users, and user data. |
| commerce | Add Licenses Using Product Key | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/licenses/add-licenses-using-product-key.md | -# Add licenses to or extend a subscription paid for using a product key +# Add licenses to or extend a paid subscription by using a Microsoft 365 product key Prepaid licenses are issued to you as a 25-character alphanumeric code. After you have purchased the licenses you need, you can add them to your subscription. You can also use a product key to extend the expiration date of your subscription. |
| commerce | Allotment Basics | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/licenses/allotment-basics.md | description: "Learn about the new allotments feature." Last updated 05/12/2022 -# Allotment basics +# Microsoft 365 license allotment basics License allotments let you set license limits and delegate management of license assignment to only the products and license limits that you select. |
| commerce | Buy Licenses | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/licenses/buy-licenses.md | description: "Use these steps to buy more licenses or reduce the number of licen Last updated 06/06/2022 -# Buy or remove licenses +# Buy or remove Microsoft 365 licenses for a subscription You can buy more licenses or reduce the number of licenses for your subscriptions by using the following steps. |
| commerce | Manage Auto Claim Policies | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/licenses/manage-auto-claim-policies.md | search.appverid: MET150 Last updated 04/06/2021 -# Manage auto-claim policies +# Manage Microsoft Teams auto-claim policies An auto-claim policy lets users automatically claim a license for a product the first time that they sign into an app. As an admin, you typically assign licenses to users either manually, or by using group-based licensing. By using auto-claim policies, you manage the products for which users can automatically claim licenses. You can also control which products those licenses come from. |
| commerce | Manage License Requests | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/licenses/manage-license-requests.md | description: "Learn how to review and approve or deny license requests from user Last updated 04/22/2022 -# Manage license requests +# Manage self-service license requests > [!NOTE] > The information in this article only applies to self-service purchased products. To learn more, see [Self-service purchase FAQ](../subscriptions/self-service-purchase-faq.yml). |
| commerce | Manage Billing Accounts | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/manage-billing-accounts.md | description: "Learn about billing accounts and how they're used to manage accoun Last updated 05/24/2022 -# Understand billing accounts +# Understand your Microsoft billing accounts A billing account is created when you sign up to try or buy Microsoft products. You use your billing account to manage your account settings, invoices, payment methods, and purchases. You can have access to multiple billing accounts. For example, you signed up for Microsoft 365 directly, or you have access to your organization's Enterprise Agreement, Microsoft Product & Services Agreement or Microsoft Customer Agreement. For each of these scenarios, you would have a separate billing account. |
| commerce | Manage Partners | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/manage-partners.md | description: "Learn how to work with Microsoft-certified solution providers (par Last updated 02/04/2022 -# Manage partner relationships +# Manage Microsoft-certified solution provider partner relationships You can work with Microsoft-certified solution providers (partners) to purchase and manage products and services for your organization or school. There are a few steps involved in getting things set up. |
| commerce | Review Partner Admin Privileges | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/review-partner-admin-privileges.md | description: "Learn how to review your list of Microsoft-certified solution prov Last updated 12/03/2021 -# Review partner administrative privileges +# Review Microsoft-certified cloud solution provider partner administrative privileges If you have a Microsoft-certified cloud solution provider (reseller partner), we recommend you conduct a quarterly review of the delegated administrative privileges (DAP) assigned to them. Make sure your organization wants this partner to have access to your organizationΓÇÖs data and make purchases on your behalf. |
| commerce | Cancel Your Subscription | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/cancel-your-subscription.md | description: "Learn how to cancel your Dynamics 365, Intune, Power Platform, and Last updated 06/02/2022 -# Cancel your business subscription +# Cancel your Microsoft subscription ++If you want to cancel your subscription, the easiest way to do that is to [turn off recurring billing](renew-your-subscription.md). When you turn off recurring billing, you can continue to use your subscription until it expires at the end of the subscription term. If you want to cancel immediately, use the information and steps in this article to do that. > [!IMPORTANT] > - This article only applies to Dynamics 365, Intune, Power Platform, and Microsoft 365 for business subscriptions. If you have Microsoft 365 Family or Personal, see [Cancel a Microsoft 365 subscription](https://support.microsoft.com/office/cancel-a-microsoft-365-subscription-46e2634c-c64b-4c65-94b9-2cc9c960e91b?OCID=M365_DocsCancel_Link). |
| commerce | Change Plans Manually | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/change-plans-manually.md | description: "Change subscriptions manually by buying a new subscription and ens Last updated 03/17/2021 -# Change plans manually +# Manually change Microsoft plans ## Step 1: Decide how to change plans |
| commerce | Reactivate Your Subscription | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/reactivate-your-subscription.md | description: "Admins can reactivate a subscription when it expires, is disabled, Last updated 04/07/2021 -# Reactivate your subscription +# Reactivate your Microsoft subscription You can reactivate your subscription in the admin center if: the subscription expired, was disabled by Microsoft, or if you canceled it in the middle of a subscription term. |
| commerce | Upgrade To Different Plan | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/subscriptions/upgrade-to-different-plan.md | description: "The easiest way to upgrade plans is to use the Upgrade tab in the Last updated 04/21/2021 -# Upgrade to a different plan +# Upgrade to a different Microsoft plan When your business changes, or you need more features, you can upgrade plans. The easiest way to do this is to use the **Upgrade** tab in the admin center. However, using the **Upgrade** tab isn't supported in all situations. In some cases, you might be able to change plans manually. When your business changes, or you need more features, you can upgrade plans. Th When you use the **Upgrade** tab, you're led through the process of buying a new plan. All users are automatically assigned licenses in the new plan, and your old plan is canceled for you. -1. In the Admin center, go to the **Billing** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=842054" target="_blank">Your products</a> page. +1. In the admin center, go to the **Billing** \> <a href="https://go.microsoft.com/fwlink/p/?linkid=842054" target="_blank">Your products</a> page. 2. Select the subscription that you want to upgrade. 3. On the subscription details page, under **Product details and upgrades**, select **View upgrades recommended for your org**. 4. Find the plan to which you want to upgrade, then select the **Upgrade** button. |
| commerce | Understand Proposal Workflow | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/understand-proposal-workflow.md | -# Understand the proposal workflow +# Understand the Microsoft proposal workflow A proposal is a formal offer from Microsoft for your organization to buy Microsoft products and services. You work directly with a Microsoft representative to determine the specific products, services, and terms for your proposal. |
| commerce | Use A Promo Code | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/commerce/use-a-promo-code.md | description: "Learn how to apply a promotional code to your Microsoft 365 subscr Last updated 03/17/2021 -# Use your promo code to reduce price +# Use your Microsoft 365 for business promo code to reduce the price When you purchase a subscription, you can use a promotional code to reduce the price. Read this article to learn how to apply a promo code to your subscription, to learn about the [Promo code terms](#promo-code-terms), and to [Troubleshoot promo codes](#troubleshooting-promo-codes). |
| compliance | Compliance Easy Trials | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/compliance-easy-trials.md | Users must hold one of the following admin roles in order to sign up for or end - Billing Administrator - Compliance Administrator - Global Administrator+- Compliance Data Administrator Get details on roles at [About admin roles](../admin/add-users/about-admin-roles.md). |
| compliance | Dlp Microsoft Teams | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/compliance/dlp-microsoft-teams.md | If your organization has Microsoft Purview Data Loss Prevention (DLP), you can d ## DLP Licensing for Microsoft Teams -[Data loss prevention](dlp-learn-about-dlp.md) capabilities were extended to include Microsoft Teams chat and channel messages, **including private channel messages** for: +[Data loss prevention](dlp-learn-about-dlp.md) capabilities include Microsoft Teams chat and channel messages, **including private channel messages** for: - Office 365 E5/A5/G5 - Microsoft 365 E5/A5/G5 Returning to our example, where a sender shared a social security number in a Te To perform this task, you must be assigned a role that has permissions to edit DLP policies. To learn more, see [Permissions](data-loss-prevention-policies.md#permissions). -1. Go to the Compliance Center ([https://compliance.microsoft.com](https://compliance.microsoft.com)) and sign in. +1. Go to the Purview Compliance Center ([https://compliance.microsoft.com](https://compliance.microsoft.com)) and sign in. 2. Choose **Data loss prevention** > **Policy**. To perform this task, you must be assigned a role that has permissions to edit D 4. Either create a new rule, or edit an existing rule for the policy. - > [!div class="mx-imgBorder"] - >  - 5. On the **User notifications** tab, select **Customize the email text** and/or **Customize the policy tip text** options. - > [!div class="mx-imgBorder"] - > <br/> - 6. Specify the text you want to use for email notifications and/or policy tips, and then choose **Save**. 7. On the **Policy settings** tab, choose **Save**. To perform this task, you must be assigned a role that has permissions to edit D 3. Select a policy, and look at the values under **Locations**. If you see **Teams chat and channel messages**, you're all set. If you don't, click **Edit**. - > [!div class="mx-imgBorder"] - >  - 4. In the **Status** column, turn on the policy for **Teams chat and channel messages**. - > [!div class="mx-imgBorder"] - >  - 5. On the **Choose locations** tab, keep the default setting of all accounts, or select **Let me choose specific locations**. You can specify: 1. Up to 1000 individual accounts to include or exclude To perform this task, you must be assigned a role that has permissions to edit D In our example, we chose the U.S. Personally Identifiable Information Data template. - > [!div class="mx-imgBorder"] - > <br/> - 4. On the **Name your policy** tab, specify a name and description for the policy, and then choose **Next**. 5. On the **Choose locations** tab, keep the default setting of all accounts, or select **Let me choose specific locations**. You can specify: To perform this task, you must be assigned a role that has permissions to edit D 1. Distribution lists and security groups to include or exclude. **This is a public preview feature.** <!-- 1. the shared mailbox of a shared channel. **This is a public preview feature.**--> -  -+ > [!NOTE] > If you want to make sure documents that contain sensitive information are not shared inappropriately in Teams, make sure **SharePoint sites** and **OneDrive accounts** are turned on, along with **Teams chat and channel messages**. To perform this task, you must be assigned a role that has permissions to edit D 7. On the **Policy settings** tab, under **What do you want to do if we detect sensitive info?**, review the settings. Here's where you can choose to keep default [policy tips and email notifications](use-notifications-and-policy-tips.md), or customize them. - > [!div class="mx-imgBorder"] - >  + When you're finished reviewing or editing settings, choose **Next**. 8. On the **Policy settings** tab, under **Do you want to turn on the policy or test things out first?**, choose whether to turn on the policy, [test it first](dlp-overview-plan-for-dlp.md#policy-deployment), or keep it turned off for now, and then choose **Next**. - > [!div class="mx-imgBorder"] - >  - 9. On the **Review your settings** tab, review the settings for your new policy. Choose **Edit** to make changes. When you're finished, choose **Create**. Allow approximately one hour for your new policy to work its way through your data center and sync to user accounts. DLP policy in action when attempting to share a document in SharePoint that cont > [!div class="mx-imgBorder"] >  --DLP policy in action when guest attempts to open a document in Teams with block external: -+<!--DLP policy in action when guest attempts to open a document in Teams with block external: +can't use the below image it contains a non-approved name. > [!div class="mx-imgBorder"]->  +> --> ## Related articles |
| security | Get Assessment Methods Properties | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-assessment-methods-properties.md | rbacGroupId|String|The role-based access control (RBAC) group ID. RecommendationReference|String|A reference to the recommendation ID related to this software. RecommendedSecurityUpdate|String|Name or description of the security update provided by the software vendor to address the vulnerability. RecommendedSecurityUpdateId|String|Identifier of the applicable security updates or identifier for the corresponding guidance or knowledge base (KB) articles.-Registry Paths Array\[string\]|Registry evidence that the product is installed in the device. +Registry Paths|Array[string]|Registry evidence that the product is installed in the device. +SecurityUpdateAvailable|Boolean|Indicates whether a security update is available for the software. SoftwareName|String|Name of the software product. SoftwareVendor|String|Name of the software vendor. SoftwareVersion|String|Version number of the software product. |
| security | Get Assessment Software Vulnerabilities | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/get-assessment-software-vulnerabilities.md | RecommendationReference|String|A reference to the recommendation ID related to t RecommendedSecurityUpdate (optional)|String|Name or description of the security update provided by the software vendor to address the vulnerability.|April 2020 Security Updates RecommendedSecurityUpdateId (optional)|String|Identifier of the applicable security updates or identifier for the corresponding guidance or knowledge base (KB) articles|4550961 RegistryPaths|Array\[string\]|Registry evidence that the product is installed in the device.|[ "HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\MicrosoftSilverlight" ]+SecurityUpdateAvailable|Boolean|Indicates whether a security update is available for the software.| Possible values are true or false. SoftwareName|String|Name of the software product.|Chrome SoftwareVendor|String|Name of the software vendor.|Google SoftwareVersion|String|Version number of the software product.|81.0.4044.138 GET https://api.securitycenter.microsoft.com/api/machines/SoftwareVulnerabilitie "lastSeenTimestamp": "2020-12-30 14:17:26", "firstSeenTimestamp": "2020-12-30 11:07:15", "exploitabilityLevel": "NoExploit",- "recommendationReference": "va-_-microsoft-_-edge" + "recommendationReference": "va-_-microsoft-_-edge", + "securityUpdateAvailable": true }, { "id": "00044f912345baf756462bde6db733b9a9c56ad4_.net_framework_4.0.0.0__", GET https://api.securitycenter.microsoft.com/api/machines/SoftwareVulnerabilitie "lastSeenTimestamp": "2020-12-30 13:18:33", "firstSeenTimestamp": "2020-12-30 11:07:15", "exploitabilityLevel": "NoExploit",- "recommendationReference": "va-_-microsoft-_-.net_framework" + "recommendationReference": "va-_-microsoft-_-.net_framework", + "securityUpdateAvailable": true }, { "id": "00044f912345baf756462dbe6db733d6a9c59ab4_system_center_2012_endpoint_protection_4.10.209.0__", GET https://api.securitycenter.microsoft.com/api/machines/SoftwareVulnerabilitie "lastSeenTimestamp": "2020-12-30 14:17:26", "firstSeenTimestamp": "2020-12-30 11:07:15", "exploitabilityLevel": "NoExploit",- "recommendationReference": "va-_-microsoft-_-system_center_2012_endpoint_protection" + "recommendationReference": "va-_-microsoft-_-system_center_2012_endpoint_protection", + "securityUpdateAvailable": true }, { "id": "00044f612345bdaf759462dbe6bd733b6a9c59ab4_onedrive_20.245.1206.2__", GET https://api.securitycenter.microsoft.com/api/machines/SoftwareVulnerabilitie "lastSeenTimestamp": "2020-12-30 13:18:33", "firstSeenTimestamp": "2020-12-30 11:07:15", "exploitabilityLevel": "NoExploit",- "recommendationReference": "va-_-microsoft-_-onedrive" + "recommendationReference": "va-_-microsoft-_-onedrive", + "securityUpdateAvailable": true }, { "id": "00044f912345daf759462bde6db733b6a9c56ab4_windows_10_10.0.17763.1637__", GET https://api.securitycenter.microsoft.com/api/machines/SoftwareVulnerabilitie "lastSeenTimestamp": "2020-12-30 14:17:26", "firstSeenTimestamp": "2020-12-30 11:07:15", "exploitabilityLevel": "NoExploit",- "recommendationReference": "va-_-microsoft-_-windows_10" "va-_-microsoft-_-windows_11" + "recommendationReference": "va-_-microsoft-_-windows_10" "va-_-microsoft-_-windows_11", + "securityUpdateAvailable": true } ], "@odata.nextLink": "https://api.securitycenter.microsoft.com/api/machines/SoftwareVulnerabilitiesByMachine?pagesize=5&$skiptoken=eyJFeHBvcnREZWZpbml0aW9uIjp7IlRpbWVQYXRoIjoiMjAyMS0wMS0xMS8xMTAxLyJ9LCJFeHBvcnRGaWxlSW5kZXgiOjAsIkxpbmVTdG9wcGVkQXQiOjV9" |
| security | Manage Protection Update Schedule Microsoft Defender Antivirus | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/manage-protection-update-schedule-microsoft-defender-antivirus.md | Enabling these settings will override that default. 3. Click **Policies** then **Administrative templates**. -4. Expand the tree to **Windows components** \> **Microsoft Defender Antivirus** \> **Signature Intelligence Updates** and configure the following settings: +4. Expand the tree to **Windows components** \> **Windows Defender Antivirus** \> **Signature Updates** and configure the following settings: 1. Double-click the **Specify the day of the week to check for security intelligence updates** setting and set the option to **Enabled**. Enter the day of the week to check for updates. Click **OK**.- 2. Double-click the **Specify the interval to check for security intelligence updates** setting and set the option to **Enabled**. Enter the number of hours between updates. Click **OK**. - 3. Double-click the **Specify the time to check for security intelligence updates** setting and set the option to **Enabled**. Enter the time when updates should be checked. The time is based on the local time of the endpoint. Click **OK**. ++ 2. Double-click the **Specify the interval to check for definition updates** setting and set the option to **Enabled**. Enter the number of hours between updates. Click **OK**. ++ 3. Double-click the **Specify the time to check for definition updates** setting and set the option to **Enabled**. Enter the time when updates should be checked. The time is based on the local time of the endpoint. Click **OK**. ## Use PowerShell cmdlets to schedule protection updates See the following for more information and allowed parameters: > - [Set preferences for Microsoft Defender for Endpoint on macOS](mac-preferences.md) > - [Microsoft Defender for Endpoint on Mac](microsoft-defender-endpoint-mac.md) > - [macOS Antivirus policy settings for Microsoft Defender Antivirus for Intune](/mem/intune/protect/antivirus-microsoft-defender-settings-macos)+> - [Configure Microsoft Defender for Endpoint on iOS features](ios-configure-features.md) +> - [Configure Defender for Endpoint on Android features](android-configure.md) > - [Set preferences for Microsoft Defender for Endpoint on Linux](linux-preferences.md) > - [Microsoft Defender for Endpoint on Linux](microsoft-defender-endpoint-linux.md)-> - [Configure Defender for Endpoint on Android features](android-configure.md) -> - [Configure Microsoft Defender for Endpoint on iOS features](ios-configure-features.md) ## Related articles See the following for more information and allowed parameters: - [Manage updates for endpoints that are out of date](manage-outdated-endpoints-microsoft-defender-antivirus.md) - [Manage event-based forced updates](manage-event-based-updates-microsoft-defender-antivirus.md) - [Manage updates for mobile devices and virtual machines (VMs)](manage-updates-mobile-devices-vms-microsoft-defender-antivirus.md)-- [Microsoft Defender Antivirus in Windows 10](microsoft-defender-antivirus-in-windows-10.md)+- [Microsoft Defender Antivirus in Windows 10 and 11](microsoft-defender-antivirus-in-windows-10.md) |
| security | Manage Updates Baselines Microsoft Defender Antivirus | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/manage-updates-baselines-microsoft-defender-antivirus.md | All our updates contain  Support phase: **Security and Critical Updates**<br/> Engine version: 1.1.19300.2<br/>-Security intelligence update version: 4.18.2205.7<br/> +Security intelligence update version: 1.369.88.0<br/> ### What's new |
| security | Switch To Mde Phase 2 | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-endpoint/switch-to-mde-phase-2.md | The specific exclusions to configure will depend on which version of Windows you | OS |Exclusions | |:--|:--|-|Windows 11 <br/><br/>Windows 10, [version 1803](/lifecycle/announcements/windows-server-1803-end-of-servicing) or later (See [Windows 10 release information](/windows/release-health/release-information))<br/><br/>Windows 10, version 1703 or 1709 with [KB4493441](https://support.microsoft.com/help/4493441) installed <br/><br/> Windows Server 2022<br/><br/>[Windows Server 2019](/windows/release-health/status-windows-10-1809-and-windows-server-2019) <br/><br/>[Windows Server 2016](/windows/release-health/status-windows-10-1607-and-windows-server-2016)<br/><br/>[Windows Server 2012 R2](/windows/release-health/status-windows-8.1-and-windows-server-2012-r2)<br/><br/>[Windows Server, version 1803](/windows-server/get-started/whats-new-in-windows-server-1803) | `C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe`<br/><br/>`C:\Program Files\Windows Defender Advanced Threat Protection\SenseCncProxy.exe`<br/><br/>`C:\Program Files\Windows Defender Advanced Threat Protection\SenseSampleUploader.exe`<br/><br/>`C:\Program Files\Windows Defender Advanced Threat Protection\SenseIR.exe`<br/><br/>`C:\Program Files\Windows Defender Advanced Threat Protection\SenseCM.exe`<br/><br/>In addition, on Windows Server 2012 R2 and 2016 running the modern, unified solution the following exclusions are required after updating the Sense EDR component using [KB5005292](https://support.microsoft.com/en-us/topic/microsoft-defender-for-endpoint-update-for-edr-sensor-f8f69773-f17f-420f-91f4-a8e5167284ac):<br/> <br/> `C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\MsSense.exe` <br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\SenseCnCProxy.exe`<br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\SenseIR.exe`<br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\SenseCE.exe`<br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\SenseSampleUploader.exe`<br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\SenseCM.exe` | +|Windows 11 <br/><br/>Windows 10, [version 1803](/lifecycle/announcements/windows-server-1803-end-of-servicing) or later (See [Windows 10 release information](/windows/release-health/release-information))<br/><br/>Windows 10, version 1703 or 1709 with [KB4493441](https://support.microsoft.com/help/4493441) installed <br/><br/> Windows Server 2022<br/><br/>[Windows Server 2019](/windows/release-health/status-windows-10-1809-and-windows-server-2019) <br/><br/>[Windows Server 2016](/windows/release-health/status-windows-10-1607-and-windows-server-2016)<br/><br/>[Windows Server 2012 R2](/windows/release-health/status-windows-8.1-and-windows-server-2012-r2)<br/><br/>[Windows Server, version 1803](/windows-server/get-started/whats-new-in-windows-server-1803) | `C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe`<br/><br/>`C:\Program Files\Windows Defender Advanced Threat Protection\SenseCncProxy.exe`<br/><br/>`C:\Program Files\Windows Defender Advanced Threat Protection\SenseSampleUploader.exe`<br/><br/>`C:\Program Files\Windows Defender Advanced Threat Protection\SenseIR.exe`<br/><br/>`C:\Program Files\Windows Defender Advanced Threat Protection\SenseCM.exe`<br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\DataCollection`<br/><br/> In addition, on Windows Server 2012 R2 and 2016 running the modern, unified solution the following exclusions are required after updating the Sense EDR component using [KB5005292](https://support.microsoft.com/en-us/topic/microsoft-defender-for-endpoint-update-for-edr-sensor-f8f69773-f17f-420f-91f4-a8e5167284ac):<br/> <br/> `C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\MsSense.exe` <br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\SenseCnCProxy.exe`<br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\SenseIR.exe`<br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\SenseCE.exe`<br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\SenseSampleUploader.exe`<br/><br/>`C:\ProgramData\Microsoft\Windows Defender Advanced Threat Protection\Platform\*\SenseCM.exe`| |[Windows 8.1](/windows/release-health/status-windows-8.1-and-windows-server-2012-r2)<br/><br/>[Windows 7](/windows/release-health/status-windows-7-and-windows-server-2008-r2-sp1)<br/><br/>[Windows Server 2008 R2 SP1](/windows/release-health/status-windows-7-and-windows-server-2008-r2-sp1) |`C:\Program Files\Microsoft Monitoring Agent\Agent\Health Service State\Monitoring Host Temporary Files 6\45\MsSenseS.exe`<br/><br/>**NOTE**: Monitoring Host Temporary Files 6\45 can be different numbered subfolders.<br/><br/>`C:\Program Files\Microsoft Monitoring Agent\Agent\AgentControlPanel.exe`<br/><br/>`C:\Program Files\Microsoft Monitoring Agent\Agent\HealthService.exe`<br/><br/>`C:\Program Files\Microsoft Monitoring Agent\Agent\HSLockdown.exe`<br/><br/>`C:\Program Files\Microsoft Monitoring Agent\Agent\MOMPerfSnapshotHelper.exe`<br/><br/>`C:\Program Files\Microsoft Monitoring Agent\Agent\MonitoringHost.exe`<br/><br/>`C:\Program Files\Microsoft Monitoring Agent\Agent\TestCloudConnection.exe` | ## Add your existing solution to the exclusion list for Microsoft Defender Antivirus |
| security | Tvm Weaknesses | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender-vulnerability-management/tvm-weaknesses.md | ms.prod: m365-security ms.mktglfcycl: deploy ms.sitesec: library ms.pagetype: security--++ ms.localizationpriority: medium audience: ITPro The **Weaknesses** page lists the software vulnerabilities your devices are expo Access the Weaknesses page a few different ways: -- Selecting **Weaknesses** from the **Vulnerability management** navigation menu in the [Microsoft 365 Defender portal](https://security.microsoft.com).- ### Navigation menu -Go to the **Vulnerability management** navigation menu and select **Weaknesses** to open the list of CVEs. +- Select **Weaknesses** from the **Vulnerability management** navigation menu in the [Microsoft 365 Defender portal](https://security.microsoft.com) to open the list of CVEs. ### Vulnerabilities in global search 1. Go to the global search drop-down menu.-2. Select **Vulnerability** and key-in the Common Vulnerabilities and Exposures (CVE) ID that you're looking for, for example "CVE-2018-5568", then select the search icon. The **Weaknesses** page opens with the CVE information that you're looking for. +2. Select **Vulnerability** and key in the Common Vulnerabilities and Exposures (CVE) ID that you're looking for, for example "CVE-2018-5568", then select the search icon. The **Weaknesses** page opens with the CVE information that you're looking for. 3. Select the CVE to open a flyout panel with more information, including the vulnerability description, details, threat insights, and exposed devices. To see the rest of the vulnerabilities in the **Weaknesses** page, type CVE, then select search. Remediate the vulnerabilities in exposed devices to reduce the risk to your asse ### Breach and threat insights -View any related breach and threat insights in the **Threat** column when the icons are colored red. +View any related breach and threat insights in the **Threats** column when the icons are colored red. > [!NOTE] > Always prioritize recommendations that are associated with ongoing threats. These recommendations are marked with the threat insight icon  and breach insight icon . The threat insights icon is highlighted if there are associated exploits in the ### Gain vulnerability insights -If you select a CVE, a flyout panel will open with more information such as the vulnerability description, details, threat insights, and exposed devices. +If you select a CVE, a flyout panel will open with more information such as the vulnerability description, details and threat insights. For each CVE, you can see a list of the exposed devices and the software affected. ++When a security recommendation is available you can select **Go to the related security recommendation** for details on how to remediate the vulnerability. +++Recommendations for a CVE are often to remediate the vulnerability through a security update for the related software. However, Some CVEs won't have a security update available. This might apply to all the related software for a CVE or just a subset, for example, a software vendor might decide not to fix the issue on a particular vulnerable version. ++When a security update is only available for some of the related software, the CVE will have the tag ΓÇÿSome updates availableΓÇÖ. Once there is at least one update available, you'll have the option to go to the related security recommendation. +++If there is no security update available, the CVE will have the tag ΓÇÿNo updates availableΓÇÖ. There will be no option to go to the related security recommendation as software that doesnΓÇÖt have a security update available is excluded from the Security recommendations page. ++ > [!NOTE] + > Security recommendations only include devices and software packages that have security updates available. -- The "OS Feature" category is shown in relevant scenarios-- You can go to the related security recommendation for every CVE with exposed device+The information on security update availability is also visible in the _Update availability_ column on the **Exposed devices** and **Related software** tabs. -  ### Software that isn't supported -CVEs for software that isn't currently supported by threat & vulnerability management is still present in the Weaknesses page. Because the software is not supported, only limited data will be available. +A CVE for software that isnΓÇÖt currently supported by vulnerability management still appears in the Weaknesses page. Because the software is not supported, only limited data will be available. Exposed device information will not be available for CVEs with unsupported software. Filter by unsupported software by selecting the "Not available" option in the "Exposed devices" section. Exposed device information will not be available for CVEs with unsupported softw ### Top vulnerable software in the dashboard -1. Go to the [threat and vulnerability management dashboard](tvm-dashboard-insights.md) and scroll down to the **Top vulnerable software** widget. You will see the number of vulnerabilities found in each software, along with threat information and a high-level view of device exposure over time. +1. Go to the [Defender Vulnerability Management dashboard](tvm-dashboard-insights.md) and scroll down to the **Top vulnerable software** widget. You will see the number of vulnerabilities found in each software, along with threat information and a high-level view of device exposure over time. -  --2. Select the software you want to investigate to go to a drilldown page. +2. Select the software you want to investigate. 3. Select the **Discovered vulnerabilities** tab.--4. Select the vulnerability you want to investigate for more information on vulnerability details +4. Select the vulnerability you want to investigate for more information on the vulnerability details. ### Discover vulnerabilities in the device page View related weaknesses information in the device page. -1. Go to the Microsoft 365 Defender navigation menu bar, then select the device icon. The **Device inventory** page opens. -+1. Select **Device inventory** from the **Vulnerability management** navigation menu in the [Microsoft 365 Defender portal](https://security.microsoft.com) 2. In the **Device inventory** page, select the device name that you want to investigate.+3. Select **Discovered vulnerabilities** from the device page. -  + :::image type="content" alt-text="Device page with details and response options." source="../../media/defender-vulnerability-management/tvm-discovered-vulnerabilities-secupdate.png" lightbox="../../media/defender-vulnerability-management/tvm-discovered-vulnerabilities-secupdate.png"::: -3. The device page will open with details and response options for the device you want to investigate. +4. Select the vulnerability that you want to investigate to open up a flyout panel with the CVE details, such as, vulnerability description, threat insights, and detection logic. -4. Select **Discovered vulnerabilities**. +#### CVE Detection logic - :::image type="content" alt-text="Device page with details and response options." source="../../media/defender-vulnerability-management/tvm-discovered-vulnerabilities.png" lightbox="../../media/defender-vulnerability-management/tvm-discovered-vulnerabilities.png"::: +Similar to the software evidence, we show the detection logic we applied on a device in order to state that it's vulnerable. -5. Select the vulnerability that you want to investigate to open up a flyout panel with the CVE details, such as: vulnerability description, threat insights, and detection logic. +To see the detection logic: -#### CVE Detection logic +1. Select a device from the Device inventory page. +2. Select **Discovered vulnerabilities** from the device page. +3. Select the vulnerability you want to investigate. -Similar to the software evidence, we now show the detection logic we applied on a device in order to state that it's vulnerable. The new section is called "Detection Logic" (in any discovered vulnerability in the device page) and shows the detection logic and source. --The "OS Feature" category is also shown in relevant scenarios. A CVE would affect devices that run a vulnerable OS only if a specific OS component is enabled. Let's say Windows Server 2019 or Windows Server 2022 has vulnerability in its DNS component. With this new capability, we'll only attach this CVE to the Windows Server 2019 and Windows Server 2022 devices with the DNS capability enabled in their OS. +A flyout will open and the **Detection logic** section shows the detection logic and source. :::image type="content" alt-text="Detection Logic example which lists the software detected on the device and the KBs." source="../../media/defender-vulnerability-management/tvm-cve-detection-logic.png"::: +The "OS Feature" category is also shown in relevant scenarios. This is when a CVE would affect devices that run a vulnerable OS if a specific OS component is enabled. For example, if Windows Server 2019 or Windows Server 2022 has vulnerability in its DNS component we'll only attach this CVE to the Windows Server 2019 and Windows Server 2022 devices with the DNS capability enabled in their OS. + ## Report inaccuracy Report a false positive when you see any vague, inaccurate, or incomplete information. You can also report on security recommendations that have already been remediated. 1. Open the CVE on the Weaknesses page. 2. Select **Report inaccuracy** and a flyout pane will open.-3. Select the inaccuracy category from the drop-down menu and fill in your email address and inaccuracy details. -4. Select **Submit**. Your feedback is immediately sent to the threat and vulnerability management experts. +3. From the flyout pane, choose an issue to report. +4. Fill in the requested details about the inaccuracy. This will vary depending on the issue you're reporting. +5. Select **Submit**. Your feedback is immediately sent to the threat and vulnerability management experts. + ## Related articles - [Security recommendations](tvm-security-recommendation.md) - [Software inventory](tvm-software-inventory.md) - [Dashboard insights](tvm-dashboard-insights.md)- |
| security | Advanced Hunting Devicetvmsoftwareinventory Table | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/security/defender/advanced-hunting-devicetvmsoftwareinventory-table.md | For information on other tables in the advanced hunting schema, see [the advance | `EndOfSupportStatus` | `string` | Indicates the lifecycle stage of the software product relative to its specified end-of-support (EOS) or end-of-life (EOL) date | | `EndOfSupportDate` | `string` | End-of-support (EOS) or end-of-life (EOL) date of the software product | | `ProductCodeCpe` | `string` | CPE of the software product or 'not available' where there is no CPE |-+| `CveTags` | `string` | An array of the tags relevant to the CVE. Tags that are currently supported are ΓÇ£ZeroDayΓÇ¥ and ΓÇ£NoSecurityUpdateΓÇ¥. ## Related topics |
| solutions | Choose Domain To Create Groups | https://github.com/MicrosoftDocs/microsoft-365-docs/commits/public/microsoft-365/solutions/choose-domain-to-create-groups.md | Let's say you want to control what sub-domains Microsoft 365 groups are created ``` New-EmailAddressPolicy -Name OtherGroups -IncludeUnifiedGroupRecipients -EnabledPrimarySMTPAddressTemplate "SMTP:@groups.contoso.com" -Priority 3 ```-+> [!NOTE] +> This scenario does not work when the MX record points to third-party spam filtering. + ## Change email address policies To change the priority or email address templates for an existing EAP, use the Set-EmailAddressPolicy cmdlet. There are a few more things to know: [Create your collaboration governance plan](collaboration-governance-first.md) (article) -[Create an Microsoft 365 group in the admin center](../admin/create-groups/create-groups.md) (article) +[Create a Microsoft 365 group in the admin center](../admin/create-groups/create-groups.md) (article) |