- - Choose whether you want to send the password in email when the user is added.

-2. Select **Create an account for another person**.

-3. On the **Add a user account** page, fill in the first and last name, display name, and username they'll use to sign in.

-4. Add the email address of the user in the **Up to 5 email addresses...** text box. This will make sure the new user gets the information they need to sign into Microsoft 365 services.

-5. Select **Add user** and **Download sign-in info** if you want to save this info.

-|Office 2013 for Windows|15.0.5023.1000|

- **Office 2013 requirements**

-Word, Excel, and PowerPoint 2013 for Windows will support the same minors checks if Active Directory Authentication Library (ADAL) is enabled. There are two options for compliance, as explained next.

- - [Description of the security update for Office 2013: April 10, 2018](https://support.microsoft.com/help/4018330/description-of-the-security-update-for-office-2013-april-10-2018)

- - [April 3, 2018, update for Office 2013 (KB4018333)](https://support.microsoft.com/help/4018333/april-3-2018-update-for-office-2013-kb4018333)

-description: "Learn to set registry keys to enable modern authentication for devices that have Microsoft Office 2013 installed."

-# Enable Modern authentication for Office 2013 on Windows devices

-Microsoft Office 2013 on Microsoft Windows computers supports Modern authentication. But, to turn it on, you need to configure the following registry keys:

-|Registry key|Type|Value|

-|:|::|::|

-|HKEY_CURRENT_USER\Software\Microsoft\Exchange\AlwaysUseMSOAuthForAutoDiscover|REG_DWORD|1|

-|HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity\EnableADAL|REG_DWORD|1|

-|HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity\Version|REG_DWORD|1|

-> [!NOTE]

-> Modern authentication is already enabled in Office 2016 or later. You don't need to set these registry keys for later versions of Office.

->[!IMPORTANT]

-> Basic authentication is turned off for Exchange Online mailboxes on Microsoft 365. This means that if Outlook 2013 is not configured to use modern authentication, it loses the ability to connect. For more information, see [Basic authentication in exchange online](https://techcommunity.microsoft.com/t5/exchange-team-blog/basic-authentication-deprecation-in-exchange-online-september/ba-p/3609437).

-## Software requirements

-To enable MFA for Office 2013 client apps, you must have the following software installed (the version listed below, or a later version) based on whether you have a [Click-to-run based installation](http://howtomicrosoftofficetutorials.blogspot.com/2016/12/plan-for-multi-factor-authentication.html#bk_clicktorun) or an [MSI-based installation](http://howtomicrosoftofficetutorials.blogspot.com/2016/12/plan-for-multi-factor-authentication.html#bk_msi).

-To determine whether your Office installation is Click-to-run or MSI-based:

-1. Start Outlook 2013.

-2. From the **File** menu, select **Office Account**.

-3. For Outlook 2013 Click-to-Run installations, an **Update Options** item displays. For MSI-based installations, an **Update Options** item does not display.

- :::image type="content" source="../../security/defender-endpoint/images/office-2013-run-installation.png" alt-text="Screenshot of office 2013":::

-### Click-to-run installations

-For Click-to-run installations, you must have the following files installed. If your file version is not equal to or greater than the file version listed, follow these steps below to update it.

-|File name|Install path on your computer|File version|

-||||

-|MSO.DLL|C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\MSO.DLL|15.0.4753.1001|

-|CSI.DLLL|CSI.DLL C:\Program Files\Microsoft Office 15\root\office15\csi.dll|15.0.4753.1000|

-|Groove.EXE*|C:\Program Files\Microsoft Office 15\root\office15\GROOVE.exe|15.0.4763.1000|

-|Outlook.exe|C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.exe|15.0.4753.1002|

-|ADAL.DLL|C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\ADAL.DLL|1.0.2016.624|

-|Iexplore.exe|C:\Program Files\Internet Explorer|Varies|

-\* If Groove.EXE isn't part of your Office installation, it doesn't need to be installed for the Azure Active Directory Authentication Library (ADAL) to work. However, if Groove.EXE is present, then the file version listed in the table is required.

-### MSI-based installations

-For MSI-based installations, you must have the following files installed. If your file version is not equal to or greater than the file version listed, use the link in the Where to get the update column to update it.

-|File name|Install path on your computer|Where to get the update|Version|

-|||||

-|MSO.DLL|C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\MSO.DLL|[KB3085480](https://support.microsoft.com/en-us/topic/description-of-the-security-update-for-office-2013-september-10-2019-0d171ba2-2eba-a2ca-a54d-c0f568de6bcc)|15.0.4753.1001|

-|CSI.DLLL|CSI.DLL C:\Program Files\Microsoft Office 15\root\office15\csi.dll|[KB3172545](https://support.microsoft.com/en-us/topic/july-11-2017-update-for-office-2013-kb3172545-d6b47054-04d5-5154-40ba-3436d1e0efdb)|15.0.4753.1000|

-|Groove.EXE*|C:\Program Files\Microsoft Office 15\root\office15\GROOVE.exe|[KB4022226](https://support.microsoft.com/en-us/topic/august-7-2018-update-for-onedrive-for-business-for-office-2013-kb4022226-6163bb26-cbde-eb16-ac42-abfda7afbf68)|15.0.4763.1000|

-|Outlook.exe|C:\Program Files\Microsoft Office 15\root\office15\OUTLOOK.exe|[KB4484096](https://support.microsoft.com/en-us/topic/october-1-2019-update-for-outlook-2013-kb4484096-6513145a-cc75-1cd1-72b7-78cb62d8476b)|15.0.4753.1002|

-|ADAL.DLL|C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesCommonx86\Microsoft Shared\OFFICE15\ADAL.DLL|[KB3085565](https://support.microsoft.com/en-us/topic/july-5-2016-update-for-office-2013-kb3085565-1d1a6d24-fbd4-1bae-242f-a35e0e2aba40)|1.0.2016.624|

-|Iexplore.exe|C:\Program Files\Internet Explorer|[MS14-052](https://support.microsoft.com/en-us/topic/ms14-052-cumulative-security-update-for-internet-explorer-september-9-2014-17d29b71-9e78-0bc1-8961-7b812d04e4e1)|Not applicable|

-\* If Groove.EXE isn't part of your Office installation, it doesn't need to be installed for the Azure Active Directory Authentication Library (ADAL) to work. However, if Groove.EXE is present, then the file version listed in the table is required.

-## Enable modern authentication for Office 2013 clients

-1. Close Outlook.

-2. Copy and paste the following text into Notepad:

- ```text

- Windows Registry Editor Version 5.00

- [HKEY_CURRENT_USER\Software\Microsoft\Exchange]

- "AlwaysUseMSOAuthForAutoDiscover"=dword:00000001

- [HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common]

- [HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity]

- "EnableADAL"=dword:00000001

- "Version"=dword:00000001

- ```

-3. Save the file with the file extension .reg instead of .txt in a location that's easy for you to find. For example, `C:\Data\Office2013_Enable_ModernAuth.reg`.

-4. Open File Explorer (formerly known as Windows Explorer), browse to the location of the .reg file you just saved, and then double-click it.

-5. In the **User account control** dialog that appears, click **Yes** to allow the app to make changes to your device.

-6. In the **Registry Editor** warning dialog that appears, click **Yes** to accept the changes.

-Once you've set the registry keys, you can set Office 2013 apps to use multifactor authentication (MFA) with Microsoft 365. For more information, see [Set up multifactor authentication](set-up-multi-factor-authentication.md).

-If you're currently signed in to any of Office client apps, you need to sign out and sign back in for the change to take effect. Otherwise, the MRU and roaming settings will be unavailable until the identity is established.

-## Disable modern authentication on devices

-The procedure to disable modern authentication on a device is very similar, but fewer registry keys are required, and you need to set their values to 0.

-|Registry key|Type|Value|

-||::|::|

-|HKEY_CURRENT_USER\Software\Microsoft\Exchange\AlwaysUseMSOAuthForAutoDiscover|REG_DWORD|0|

-|HKEY_CURRENT_USER\SOFTWARE\Microsoft\Office\15.0\Common\Identity\EnableADAL|REG_DWORD|0|

-```text

-Windows Registry Editor Version 5.00

-[HKEY_CURRENT_USER\Software\Microsoft\Exchange]

-"AlwaysUseMSOAuthForAutoDiscover"=dword:00000000

-[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common]

-[HKEY_CURRENT_USER\Software\Microsoft\Office\15.0\Common\Identity]

-"EnableADAL"=dword:00000000

-```

-## Related content

-[Sign in to Office 2013 with a second verification method](https://support.microsoft.com/office/2b856342-170a-438e-9a4f-3c092394d3cb)

-[Outlook prompts for password and doesn't use Modern Authentication to connect to Office 365](/outlook/troubleshoot/authentication/outlook-prompt-password-modern-authentication-enabled)

-[Enable Modern Authentication for Office 2013 on Windows devices](../admin/security-and-compliance/enable-modern-authentication.md)

-keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, Microsoft Defender AV, Microsoft Defender Antivirus

-search.product: eADQiWindows 10XVcnh

-ms.sitesec: library

-ms.pagetype: security

-This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you may encounter when using the Microsoft Defender Antivirus Assessment section in the Update Compliance add-in.

-On at least two devices that are not reporting or showing up in Update Compliance, obtain the .cab diagnostic file by taking the following steps:

-1. Open an administrator-level version of the command prompt as follows:

-2. Navigate to the Windows Defender directory. By default, this is `C:\Program Files\Windows Defender`.

-4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Windows Defender\Support\MpSupportFiles.cab`.

-5. Copy these .cab files to a location that can be accessed by Microsoft support. An example could be a password-protected OneDrive folder that you can share with us.

-keywords: troubleshoot, error, fix, update compliance, oms, monitor, report, Microsoft Defender av, group policy object, setting, diagnostic data, Microsoft Defender Antivirus

-search.product: eADQiWindows 10XVcnh

-ms.sitesec: library

-ms.pagetype: security

-This article describes how to collect diagnostic data that can be used by Microsoft support and engineering teams to help troubleshoot issues you might encounter when using the Microsoft Defender Antivirus.

-On at least two devices that are experiencing the same issue, obtain the .cab diagnostic file by taking the following steps:

-1. Open an administrator-level version of the command prompt as follows:

-2. Navigate to the directory for Microsoft Defender Antivirus. By default, this is `C:\Program Files\Windows Defender`.

- > If you're running an [updated Microsoft Defender antimalware platform version](https://support.microsoft.com/help/4052623/update-for-microsoft-defender-antimalware-platform), please run `MpCmdRun` from the following location: `C:\ProgramData\Microsoft\Windows Defender\Platform\<version>`.

-4. A .cab file will be generated that contains various diagnostic logs. The location of the file will be specified in the output in the command prompt. By default, the location is `C:\ProgramData\Microsoft\Microsoft Defender\Support\MpSupportFiles.cab`.

-Copies the diagnostic data to the specified path. If the path is not specified, the diagnostic data will be copied to the location specified in the Support Log Location Configuration.

-<br>

-****

-|

-You can also specify where the diagnostic .cab file will be created using a Group Policy Object (GPO).

-description: Understand the `capabilities that help prevent user or machine or both from using unauthorized removable storage media

-keywords: removable storage media

-ms.sitesec: library

-ms.pagetype: security

-## Protection policies

-### Removable storage access control

-**Windows 10 and Windows 11 support details**:

-**Supported Platform** - Windows 10, Windows 11

-**macOS support details**:

-**Supported platform** - macOS 11 (Big Sur) or later

-### Device installation

-**Supported Platform** - Windows 10, Windows 11

-**macOS support details**:

-**Supported platform** - macOS 11 (Big Sur) or later

-### Endpoint DLP Removable storage

-**Capabilities** - Audit, warn, or prevent a user from copying an item or information to removable media or USB device.

-**Description** - For more information on Windows, see [Learn about Endpoint data loss prevention](../../compliance/endpoint-dlp-learn-about.md).

-**Supported Platform** - Windows 10, Windows 11

-### BitLocker

-**Capabilities**:

-**Description** - For more information on Windows, see [BitLocker - Removable Drive Settings](/mem/intune/protect/endpoint-security-disk-encryption-profile-settings).

-**Supported Platform** - Windows 10, Windows 11

-description: Get started using Defender for Endpoint Plan 1. Learn how to use the Defender for Cloud, manage alerts and devices, and view reports.

-The Microsoft 365 Defender portal ([https://security.microsoft.com](https://security.microsoft.com)) is where you'll view alerts, manage devices, and view reports. When you sign into the Microsoft 365 Defender portal, you'll start with the Home page, as shown in the following image:

-The Home page provides your security team with a snapshot aggregate view of alerts, device status, and threats detected. The Defender for Cloud is set up so that your security operations team can find the information they are looking for quickly and easily.

-| **Action center** | Navigates to the Action center, which tracks remediation and manual response actions. The Action center tracks activities like these: <br/>- Microsoft Defender Antivirus encounters a malicious file and then blocks/removes that file. <br/>- Your security team isolates a device.<br/>- Defender for Endpoint detects and quarantines a file. <br/><br/> To learn more, see [Action center](auto-investigation-action-center.md). |

-| **Endpoints** > **Search** | Navigates to a page where you can search for specific devices by device name. In the list of results, you can see details, such as risk level and health state, at a glance. |

-| **Endpoints** > **Device inventory** | Navigates to your list of devices that are onboarded to Defender for Endpoint. Provides information about devices, such as their exposure and risk levels. <br/><br/> To learn more, see [Device inventory](machines-view-overview.md). |

-| **Endpoints** > **Configuration & baselines** | Expands to show **Security baselines** and **Configuration management**. |

-| **Endpoints** > **Configuration & baselines** > **Security baselines** | Security baselines are pre-configured policies and groups of settings that can help you apply recommended security settings efficiently and effectively. Baselines include settings that are based on industry best practices. You can keep the default settings, or customize your baselines to suit your organization's needs. <br/><br/> To learn more, see [Use security baselines to configure Windows 10 devices in Intune](/mem/intune/protect/security-baselines). |

-| **Endpoints** > **Configuration & baselines** > **Configuration management** | Navigates to the **Device configuration management** page, where you can view information about onboarded devices, and take steps to onboard more devices. |

-To view and manage your organization's devices, in the navigation bar, under **Endpoints**, select **Device inventory**. You'll see a list of devices as shown in the following image:

-The list includes devices for which alerts were generated. By default, the data shown is for the past 30 days, with the most recent items listed first. Select a device to view more information about it. A flyout pane opens, as shown in the following image:

-3. Select a report in the list. You'll see the following three reports:

-|25736 | Fixed inaccuracy in Keepass | 04-Jul-23

-[**Use trusted ARC Senders for legitimate mailflows**](use-arc-exceptions-to-mark-trusted-arc-senders.md)

-|**Windows**|Outlook|2019, 2016, 2013 <p> [Enable modern authentication](../../admin/security-and-compliance/enable-modern-authentication.md) <p> [Required updates](https://support.office.com/article/Outlook-Updates-472c2322-23a4-4014-8f02-bbc09ad62213)|

-4. On the **Syntex eSignature** page, select **Turn on**.

- b. To restrict user access to this service, select **No SharePoint libraries** or **Libraries in selected SharePoint sites** and follow the instructions to either select the sites or upload a CSV listing a maximum of 100 sites. Be sure to add your content center site if you want it to be included. You can then manage site access permissions for the sites you selected.