Skip to content

Commit

Permalink
Merge pull request #1388 from MicrosoftDocs/main
Browse files Browse the repository at this point in the history
pushing updates live
  • Loading branch information
denisebmsft authored Sep 19, 2024
2 parents 9b43439 + f441afa commit 992dca3
Show file tree
Hide file tree
Showing 6 changed files with 32 additions and 9 deletions.
16 changes: 7 additions & 9 deletions defender-endpoint/mac-whatsnew.md
Original file line number Diff line number Diff line change
Expand Up @@ -6,7 +6,7 @@ author: dansimp
ms.author: dansimp
manager: deniseb
ms.localizationpriority: medium
ms.date: 08/27/2024
ms.date: 09/19/2024
audience: ITPro
ms.collection:
- m365-security
Expand Down Expand Up @@ -37,10 +37,10 @@ For more information on Microsoft Defender for Endpoint on other operating syste

**Known issues**

Apple fixed an issue on macOS [Ventura upgrade](https://developer.apple.com/documentation/macos-release-notes/macos-13_1-release-notes), and [Sonoma upgrade](https://developer.apple.com/forums/thread/737824#773449022) with the latest OS update. The issue impacts Microsoft Defender for Endpoint security extensions, and might result in losing Full Disk Access Authorization, impacting its ability to function properly.

In macOS Sonoma 14.3.1, Apple made a change to the [handling of Bluetooth devices](https://developer.apple.com/forums/thread/738748) that impacts Defender for Endpoint device controls ability to intercept and block access to Bluetooth devices. At this time, the recommended mitigation is to use a version of macOS less than 14.3.1.

> [!NOTE]
> - Apple fixed an issue on macOS [Ventura upgrade](https://developer.apple.com/documentation/macos-release-notes/macos-13_1-release-notes), and [Sonoma upgrade](https://developer.apple.com/forums/thread/737824#773449022) with the latest OS update. The issue impacts Microsoft Defender for Endpoint security extensions, and might result in losing Full Disk Access Authorization, impacting its ability to function properly.
> - In macOS Sonoma 14.3.1, Apple made a change to the [handling of Bluetooth devices](https://developer.apple.com/forums/thread/738748) that impacts Defender for Endpoint device controls ability to intercept and block access to Bluetooth devices. At this time, the recommended mitigation is to use a version of macOS less than 14.3.1.
> - In both macOS Sonoma and Sequoia builds, Network Protection capabilities may be impacted due to changes in Apple's internal networking structure resulting in crashes of the network extension (NetExt). This will result in intermittent network connectivity issues for end users. We are recommending that customers who have Network Protection enabled in their organization refrain from upgrading to Sonoma / Seqouia builds at this time.
**Sequoia support**

Microsoft Defender supports macOS Sequoia (15) in the current Defender release.
Expand Down Expand Up @@ -1022,11 +1022,9 @@ Live Response for macOS is now available for all Mac devices onboarded to Defend

> [!CAUTION]
> macOS 10.15 (Catalina) contains new security and privacy enhancements. Beginning with this version, by default, applications are not able to access certain locations on disk (such as Documents, Downloads, Desktop, etc.) without explicit consent. In the absence of this consent, Microsoft Defender for Endpoint is not able to fully protect your device.
>
> The mechanism for granting this consent depends on how you deployed Microsoft Defender for Endpoint:
>
> > The mechanism for granting this consent depends on how you deployed Microsoft Defender for Endpoint:
> - For manual deployments, see the updated instructions in the [Manual deployment topic](mac-install-manually.md#allow-full-disk-access).
> - For managed deployments, see the updated instructions in the [JAMF-based deployment](mac-install-with-jamf.md) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics.
- For managed deployments, see the updated instructions in the [JAMF-based deployment](mac-install-with-jamf.md) and [Microsoft Intune-based deployment](mac-install-with-intune.md#create-system-configuration-profiles) topics.

- Performance improvements & bug fixes

Expand Down
12 changes: 12 additions & 0 deletions defender-for-iot/includes/site-association.md
Original file line number Diff line number Diff line change
@@ -0,0 +1,12 @@
---
author: limwainstein
ms.author: lwainstein
ms.date: 06/24/2024
ms.topic: include
ms.service: microsoft-defender-iot
---

>[!NOTE]
>
>Currently, devices discovered in the Defender XDR portal aren't synchronized with Azure, and therefore the list of devices discovered could be different in each portal.
>
2 changes: 2 additions & 0 deletions defender-for-iot/manage-devices-inventory.md
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,8 @@ To customize the device inventory views:
- [Use filters](/defender-endpoint/machines-view-overview#use-filters-to-customize-the-device-inventory-views)
- [Use columns](/defender-endpoint/machines-view-overview#use-columns-to-customize-the-device-inventory-views)

[!INCLUDE [defender-iot-site-association](includes/site-association.md)]

## Manage OT devices

- [Explore the device inventory](/defender-endpoint/machines-view-overview#explore-the-device-inventory) including search, export to CSV, and more.
Expand Down
2 changes: 2 additions & 0 deletions defender-for-iot/set-up-sites.md
Original file line number Diff line number Diff line change
Expand Up @@ -69,6 +69,8 @@ In this stage, you configure Defender for IoT to associate OT devices to the sit

1. Select **Next** to review the site details.

[!INCLUDE [defender-iot-site-association](includes/site-association.md)]

## Review site details

Review that information for the site you want to create:
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -40,6 +40,7 @@ Current asset types are:
| Network Admin Device | Device | Medium | Critical devices used to configure, manage, and monitor the network assets within the organization are vital for network administration and are at high risk of cyber threats. They require top-level security to prevent unauthorized access. |
| VMware ESXi | Device | High | The VMware ESXi hypervisor is essential for running and managing virtual machines within your infrastructure. As a bare-metal hypervisor, it's providing the foundation for creating and managing virtual resources. |
| VMware vCenter | Device | High | The VMware vCenter Server is crucial for managing virtual environments. It provides centralized management of virtual machines and ESXi hosts. If it fails, it could disrupt the administration and control of your virtual infrastructure, including provisioning, migration, load balancing of virtual machines, and datacenter automation. However, as there are often redundant vCenter Servers and High Availability configurations, the immediate halt of all operations might not occur. Its failure could still cause significant inconvenience and potential performance issues |
| Hyper-V Server | Device | High | The Hyper-V hypervisor is essential for running and managing virtual machines within your infrastructure, serving as the core platform for their creation and management. If the Hyper-V host fails, it can lead to the unavailability of hosted virtual machines, potentially causing downtime and disrupting business operations. Moreover, it can result in significant performance degradation and operational challenges. Ensuring the reliability and stability of Hyper-V hosts is therefore critical for maintaining seamless operations in a virtual environment. |

##### Identity

Expand Down
8 changes: 8 additions & 0 deletions exposure-management/whats-new.md
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,14 @@ Security Exposure Management is currently in public preview.
## September 2024

### New predefined classifications

The following predefined classification rule was added to the critical assets list:

| Classification | Description |
| ------------------------------------------------------------ | ------------------------------------------------------------ |
| **Hyper-V Server** | This rule applies to devices identified as Hyper-V servers within a domain. These servers are essential for running and managing virtual machines within your infrastructure, serving as the core platform for their creation and management. |

### Enhanced visibility for scoped users

This change now allows users who have been granted access to only some of the organization's devices to see the list of affected assets in metrics, recommendations, events, and initiative history within their specific scope.
Expand Down

0 comments on commit 992dca3

Please sign in to comment.