From d07c5d35feaf8dcb1966d3fb1a4a6ea1b3e9dab1 Mon Sep 17 00:00:00 2001 From: BalaDelli <82196006+BalaDelli@users.noreply.github.com> Date: Fri, 6 Dec 2024 23:27:30 +0530 Subject: [PATCH 1/4] Update support-for-windows-adk.md --- .../core/plan-design/configs/support-for-windows-adk.md | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/memdocs/configmgr/core/plan-design/configs/support-for-windows-adk.md b/memdocs/configmgr/core/plan-design/configs/support-for-windows-adk.md index ae3a593f0c..263b02fa6d 100644 --- a/memdocs/configmgr/core/plan-design/configs/support-for-windows-adk.md +++ b/memdocs/configmgr/core/plan-design/configs/support-for-windows-adk.md @@ -2,7 +2,7 @@ title: Support for the Windows ADK titleSuffix: Configuration Manager description: Learn about the Windows Assessment and Deployment Kit (ADK) versions that are supported for OS deployment with Configuration Manager. -ms.date: 12/04/2024 +ms.date: 12/06/2024 ms.subservice: core-infra ms.service: configuration-manager ms.topic: conceptual @@ -27,7 +27,7 @@ When you deploy operating systems with Configuration Manager, the Windows Assess > [!IMPORTANT] > > - Windows PE is a separate installer. Make sure to download both the **Windows ADK** and the **Windows PE add-on for the ADK**. - > - **ADK 10.1.26100.1 (May 2024)** (10.1.26100.1) or newer is required to deploy Windows ARM64 operating systems on Configuration Manager 2403 or newer. + > - **ADK 10.1.26100.X (May 2024, Dec 2024)** (10.1.26100.X) or newer is required to deploy Windows ARM64 operating systems on Configuration Manager 2403 or newer. ## Windows ADK versions @@ -35,6 +35,7 @@ The following table lists the versions of the Windows ADK that you can use with | Windows ADK version | ConfigMgr 2309 | ConfigMgr 2403 | ConfigMgr 2409 | |--------------------------------|----------------|----------------|----------------| +| **ADK 10.1.26100.X (Updated Dec 2024)**
(10.1.26100.X)| ✅ | ✅ | ✅ | | **ADK 10.1.26100.1 (May 2024)**
(10.1.26100.1)| ✅ | ✅ | ✅ | | **ADK 10.1.25398.1 (updated September 2023)**
(10.1.25398.1)|❌ | ❌ | ❌ | | **ADK for Windows 11, version 22H2**
(10.1.22621.1)| ✅ | ✅ | ✅ | 
@@ -56,9 +57,9 @@ The following table lists the versions of the Windows ADK that you can use with - The **Pre-provision BitLocker** task doesn't work in WinPE. - Devices with UFS storage, such as the Surface Go 4, don't work in WinPE. - Instead use the **ADK 10.1.26100.1 (May 2024)** (10.1.26100.1) or newer where these issues are resolved. + Instead use the **ADK 10.1.26100.X (May 2024, Dec 2024)** (10.1.26100.X) or newer where these issues are resolved. -- For information on applying the [BlackLotus UEFI bootkit vulnerability](https://support.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) security updates to boot images from the ADKs before the **ADK 10.1.26100.1 (May 2024)** (10.1.26100.1), see [Customize Windows PE boot images](/windows/deployment/customize-boot-image). Boot images from the **ADK 10.1.26100.1 (May 2024)** (10.1.26100.1) and newer already have the BlackLotus UEFI bootkit vulnerability security update applied to them. For this reason, it's recommended to use boot images from the **ADK 10.1.26100.1 (May 2024)** (10.1.26100.1) or newer. +- For information on applying the [BlackLotus UEFI bootkit vulnerability](https://support.microsoft.com/topic/kb5025885-how-to-manage-the-windows-boot-manager-revocations-for-secure-boot-changes-associated-with-cve-2023-24932-41a975df-beb2-40c1-99a3-b3ff139f832d) security updates to boot images from the ADKs before the **ADK 10.1.26100.1 (May 2024, Dec 2024)** (10.1.26100.1), see [Customize Windows PE boot images](/windows/deployment/customize-boot-image). Boot images from the **ADK 10.1.26100.1 (May 2024, Dec 2024)** (10.1.26100.1) and newer already have the BlackLotus UEFI bootkit vulnerability security update applied to them. For this reason, it's recommended to use boot images from the **ADK 10.1.26100.1 (May 2024, Dec 2024)** (10.1.26100.X) or newer. 
- Windows Server builds have the same Windows ADK requirement as the associated Windows client version. For example, Windows Server 2016 is the same build version as Windows 10 LTSB 2016. From 39a56d3b8926bf19da796a38bb70eeafbb057c64 Mon Sep 17 00:00:00 2001 From: brenduns Date: Fri, 6 Dec 2024 15:37:18 -0800 Subject: [PATCH 2/4] REvise security tasks to fix engagment issues --- .../protect/atp-manage-vulnerabilities.md | 96 +++++++------------ .../protect/mde-security-integration.md | 14 +-- 2 files changed, 43 insertions(+), 67 deletions(-) diff --git a/memdocs/intune/protect/atp-manage-vulnerabilities.md b/memdocs/intune/protect/atp-manage-vulnerabilities.md index 282f27df14..2c18a0217e 100644 --- a/memdocs/intune/protect/atp-manage-vulnerabilities.md +++ b/memdocs/intune/protect/atp-manage-vulnerabilities.md @@ -6,7 +6,7 @@ description: Use Microsoft Intune Security Tasks to manage threats and vulnerabi author: brenduns ms.author: brenduns manager: dougeby -ms.date: 03/15/2024 +ms.date: 12/06/2024 ms.topic: how-to ms.service: microsoft-intune ms.subservice: protect 
@@ -28,72 +28,58 @@ ms.collection: - sub-secure-endpoints --- -# Use Microsoft Intune to remediate vulnerabilities identified by Microsoft Defender for Endpoint +# Use Microsoft Intune security tasks to remediate device vulnerabilities identified by Microsoft Defender for endpoint -When you integrate Microsoft Defender for Endpoint with Microsoft Intune, you can take advantage of Defender for Endpoint's threat and vulnerability management by using Intune security tasks. Security Tasks in Intune help Intune admins understand and then remediate many device weaknesses that Microsoft Defender for Endpoint's vulnerability management capability identifies. This integration brings a risk-based approach to the discovery and prioritization of vulnerabilities and can help improve remediation response time across your environment. +When you [integrate Microsoft Defender for Endpoint with Microsoft Intune](/mem/intune/protect/advanced-threat-protection-configure.md#connect-microsoft-defender-for-endpoint-to-intune), you can leverage Defender's threat and vulnerability management through Intune security tasks. These tasks help Intune admins understand and address current vulnerabilities based on guidance from Defender for Endpoint. This integration enhances the discovery and prioritization of vulnerabilities, improving remediation response times across your environment. [Threat & Vulnerability Management](/windows/security/threat-protection/windows-defender-atp/next-gen-threat-and-vuln-mgt) is part of [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint). ## How integration works + +After you integrate Intune with Microsoft Defender for Endpoint, Defender for Endpoint receives threat and vulnerability details from Intune-managed devices. These details are visible to security admins in the Microsoft Defender Security Center console. 
-After you [connect Intune to Microsoft Defender for Endpoint](../protect/advanced-threat-protection-configure.md), Defender for Endpoint receives threat and vulnerability details from the devices you manage with Intune. These details become visible to security admins from within the Microsoft Defender Security Center console. +In the Security Center console, [security admins can review endpoint vulnerabilities](/defender-vulnerability-management/defender-vulnerability-management#remediation-and-tracking) and create security tasks managed through Intune. These tasks appear in the Microsoft Intune admin center, where Intune admins can act and remediate issues based on Defender's guidance: -In the Microsoft Defender Security Center console, security admins can review and act on endpoint vulnerabilities by taking a few simple actions that create *security tasks* for Microsoft Intune. Security tasks immediately appear in the Microsoft Intune admin center where they're visible to Intune admins who can then use the details to act and remediate the issues. - -- Vulnerabilities are based on the threats or issues as evaluated by Microsoft Defender for Endpoint when it scans and evaluates a device. -- Not all Vulnerabilities and issues that Defender for Endpoint identifies support remediation through Intune. Such issues don't result in the creation of a security task for Intune. +- Vulnerabilities are identified through scans and assessments by Microsoft Defender for Endpoint. +- Not all identified vulnerabilities support remediation through Intune; only those vulnerabilities that are compatible result in security tasks. Security tasks identify: - The type of vulnerability - Priority - Status -- Steps to take to remediate the vulnerability - -In the admin center, an Intune admin can review and then choose to accept or reject the task. After an admin accepts a task in Intune, they can use Intune to remediate the vulnerability, guided by the details provided in the task. 
+- Steps for remediation -With successful remediation, the Intune admin sets the security task to **Complete Task**. This status displays in Intune and is passed back to Defender for Endpoint, where security admins can confirm the revised status for the vulnerability. +Intune admins can view a security task and then choose to accept or reject it. For accepted tasks, the admin follows the guidance provided to use Intune for remediation. Once the remediation is successful, the admin sets the task to **Complete Task**, which updates its status in both Intune and Defender for Endpoint where security admins can verify the revised status of the vulnerability. -**About security tasks**: +### Types of security tasks Each security task has a *Remediation Type*: +- Application: For example, Microsoft Defender for Endpoint finds a vulnerability in an app like *Contoso Media Player v4*. An admin creates a task to update the app, which might involve applying a security update or installing a new version. +- Configuration: For instance, if devices lack protection from *Potentially Unwanted Applications* (PUA), an admin creates a task to configure the setting in the Microsoft Defender Antivirus profile. -- **Application** – An application is identified that has a vulnerability or issue you can mitigate with Intune. For example, Microsoft Defender for Endpoint identifies a vulnerability for an app named *Contoso Media Player v4*, and an admin creates a security task to update that app. The Contoso Media player is an unmanaged app that was deployed with Intune, and there could be a security update or newer version of an application that resolves the issue. - -- **Configuration** – Vulnerabilities or risks in your environment can be mitigated through use of Intune endpoint security policies. For example, Microsoft Defender for Endpoint identifies that devices lack protection from *Potentially Unwanted Applications* (PUA). 
An admin creates a security task for this issue, which identifies a mitigation of configuring the setting **Action to take on potentially unwanted apps** as part of the Microsoft Defender Antivirus profile for Antivirus policy. +When Intune doesn’t support implementation of a suitable remediation, Microsoft Defender for Endpoint doesn't create a security task. - When a configuration issue doesn't have a plausible remediation that Intune can provide, Microsoft Defender for Endpoint doesn't create a security task for it. +### Remediation actions -**Remediation actions**: +Common security task remediations include: -Common remediation actions include: - -- **Block** an application from being run. +- **Block** an application from running. - **Deploy** an operating system update to mitigate the vulnerability. - **Deploy** endpoint security policy to mitigate the vulnerability. - **Modify** a registry value. - **Disable** or **Enable** a configuration to affect the vulnerability. -- **Require Attention** alerts the admin to the threat when there's no suitable recommendation to provide. - -**Workflow example**: - -The following example demonstrates the workflow of discovering an application vulnerability to remediation. This same general workflow applies for configuration issues: - -- A Microsoft Defender for Endpoint scan identifies a vulnerability for an app named Contoso Media Player v4, and an admin creates a security task to update that app. The Contoso Media player is an unmanaged app that wasn't deployed with Intune. - - This security task appears in the Microsoft Intune admin center with a status of Pending: - - ![View the list of security tasks in the Intune admin center](./media/atp-manage-vulnerabilities/temp-security-tasks.png) +- **Require Attention**, which alerts the admin when no suitable recommendation is available. -- The Intune admin selects the security task to view details about the task. 
The admin then selects **Accept**, which updates the status in Intune, and in Defender for Endpoint to be *Accepted*. +### Workflow Example - ![Accept or reject a security task](./media/atp-manage-vulnerabilities/temp-accept-task.png) +Following is an example of the workflow for discovering and remediating an application vulnerability: -- The admin then remediates the task based on the guidance provided. The guidance varies depending on the type of remediation needed. When available, remediation guidance includes links that open relevant panes for configurations in Intune. - - Because the media player in this example isn't a managed app, Intune can only provide text instructions. For a managed app, Intune could provide instructions to download an updated version, and provide a link to open the deployment for the app so that the updated files can be added to the deployment. - -- After remediation is complete, the Intune admin opens the security task and selects **Complete Task**. The remediation status is updated for Intune and in Defender for Endpoint, where security admins confirm the revised status for the vulnerability. +- A Microsoft Defender for Endpoint scan identifies a vulnerability in the app Contoso Media Player v4, which is an unmanaged app that isn't deployed by Intune. An admin creates a security task to update the app. +- The security task appears in the Microsoft Intune admin center with a status of **Pending**. +- The Intune admin views the task details and selects **Accept**, which changes the status of the task to Accepted in both Intune and Defender for Endpoint. +- The admin follows the remediation guidance provided. For managed apps, Intune might include instructions or links to update the app. For unmanaged apps, Intune can only provide text instructions. +- After addressing the vulnerability, the Intune admin marks the task as **Complete Task*. 
This action updates the status in both Intune and Defender for Endpoint, where security admins confirm the remediation is successful and complete. ## Prerequisites 
@@ -102,29 +88,23 @@ The following example demonstrates the workflow of discovering an application vu - Microsoft Intune Plan 1 - Microsoft Defender for Endpoint ([Sign up for a free trial](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-main-abovefoldlink).) -**Intune configurations for Defender for Endpoint**: - -- Configure a service-to-service connection with Microsoft Defender for Endpoint. -- Deploy a device configuration policy with a profile type of **Microsoft Defender for Endpoint (desktop devices running Windows 10 or later)** to devices that use Microsoft Defender for Endpoint to assess risk. +Intune configurations for Defender for Endpoint: +- Configure a [service-to-service connection](/mem/intune/protect/advanced-threat-protection-configured#connect-microsoft-defender-for-endpoint-to-intune) with Microsoft Defender for Endpoint. +- Deploy an Intune policy that configures settings for **Microsoft Defender for Endpoint** to devices to assess risk. - For information about how to set up Intune to work with Defender for Endpoint, see [Enforce compliance for Microsoft Defender for Endpoint with Conditional Access in Intune](advanced-threat-protection-configure.md#connect-microsoft-defender-for-endpoint-to-intune). ## Work with security tasks -Before you can work with security tasks, they must be created from within the Defender Security Center. For information on using the Microsoft Defender Security Center to create security tasks, see [Remediate vulnerabilities with threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-remediation?view=o365-worldwide&preserve-view=true#request-remediation) in the Defender for Endpoint documentation. +Before you manage security tasks, they must be created within the Defender Security Center. 
For detailed instructions, see the Defender for Endpoint documentation on [remediating vulnerabilities](/microsoft-365/security/defender-endpoint/tvm-remediation?view=o365-worldwide&preserve-view=true#request-remediation). To manage security tasks: 1. Sign in to the [Microsoft Intune admin center](https://go.microsoft.com/fwlink/?linkid=2109431). 2. Select **Endpoint security** > **Security tasks**. - -3. Select a task from the list to open a resource window that displays more details for that security task. - - While viewing the security task resource window, you can select additional links: - +3. Choose a security task to view its details. In the task window, you can select additional links, including: - MANAGED APPS - View the app that is vulnerable. When the vulnerability applies to multiple apps, Intune displays a filtered list of apps. - - DEVICES - View a list of the *Vulnerable devices*, from which you can link through to an entry with more details for the vulnerability on that device. + - DEVICES - View a list of the *Vulnerable devices* from which you can link through to an entry with more details for the vulnerability on that device. - REQUESTOR - Use the link to send mail to the admin who submitted this security task. - NOTES - Read custom messages submitted by the requestor when opening the security task. 
@@ -132,16 +112,12 @@ To manage security tasks: 5. After accepting a task, reopen the security task (if it closed), and follow the REMEDIATION details to remediate the vulnerability. The instructions provided by Defender for Endpoint in the security task details vary depending on the vulnerability involved. - When it's possible to do so, the remediation instructions include links that open the relevant configuration objects in the Microsoft Intune admin center. - 6. After completing the remediation steps, open the security task and select **Complete Task**. This action updates the security task status in both Intune and Defender for Endpoint. -After remediation is successful, the risk exposure score in Defender for Endpoint can drop, based on new information from the remediated devices. - -## Next Steps - -Learn more about Intune and [Microsoft Defender for Endpoint](advanced-threat-protection.md). +Successful remediation can reduce the risk exposure score in Defender for Endpoint based on subsequent status updates from the remediated devices. -Review Intune [Mobile Threat Defense](mobile-threat-defense.md). +## Related content -Review the [Threat & Vulnerability Management dashboard](/windows/security/threat-protection/windows-defender-atp/tvm-dashboard-insights) in Microsoft Defender for Endpoint. +- Learn more about Intune and [Microsoft Defender for Endpoint](advanced-threat-protection.md). +- Review Intune [Mobile Threat Defense](mobile-threat-defense.md). +- Review the [Threat & Vulnerability Management dashboard](/windows/security/threat-protection/windows-defender-atp/tvm-dashboard-insights) in Microsoft Defender for Endpoint. diff --git a/memdocs/intune/protect/mde-security-integration.md b/memdocs/intune/protect/mde-security-integration.md index ad102136f1..00cf256a32 100644 --- a/memdocs/intune/protect/mde-security-integration.md +++ b/memdocs/intune/protect/mde-security-integration.md 
@@ -1,7 +1,7 @@ --- # required metadata -title: Use Intune to manage Microsoft Defender settings on devices that aren't enrolled with Intune +title: Learn about using Intune to manage Microsoft Defender settings on devices that aren't enrolled with Intune description: Learn how to use Intune policy to manage Microsoft Defender security settings on devices that aren't enrolled with Microsoft Intune. keywords: author: brenduns @@ -30,7 +30,7 @@ ms.reviewer: laarrizz --- -# Use Intune endpoint security policies to manage Microsoft Defender for Endpoint on devices not enrolled with Intune +# Learn how to use Intune endpoint security policies to manage Microsoft Defender for Endpoint on devices that are not enrolled with Intune When you integrate Microsoft Intune with Microsoft Defender for Endpoint, you can use Intune endpoint security policies to manage the Defender security settings on devices that aren't enrolled with Intune. This capability is known as *Defender for Endpoint security settings management*. @@ -205,7 +205,7 @@ In the Microsoft Intune admin center, go to the All Devices page. Devices enroll > [!TIP] > -> In June 2023, security settings management began using synthetic registration for devices that don't fully register in Microsoft Entra. With this change, devices that previously had enrollment errors will begin onboarding to Defender and then receive and process the security settings management policies. +> In June 2023, security settings management began using synthetic registration for devices that don't fully register in Microsoft Entra. With this change, devices that previously had enrollment errors will begin onboarding to Defender and then receive and process the security settings management policies. ### What to expect in the Microsoft Azure portal 
@@ -386,7 +386,7 @@ After devices onboard to Defender for Endpoint, you'll need to create device gro Instead of using system labels, you can use the management type attribute, and configure it to **MicrosoftSense**. -You can create groups for these devices [in Microsoft Entra](/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal) or [from within the Microsoft Intune admin center](../fundamentals/groups-add.md). When creating groups, you can use the **OS** value for a device if you're deploying policies to devices running Windows Server vs devices that run a client version of Windows: +You can create groups for these devices [in Microsoft Entra](/azure/active-directory/fundamentals/active-directory-groups-create-azure-portal) or [from within the Microsoft Intune admin center](../fundamentals/groups-add.md). When creating groups, you can use the **OS** value for a device if you're deploying policies to devices running Windows Server vs devices that run a client version of Windows: - **Windows 10 and Windows 11** - The deviceOSType or OS displays as *Windows* - **Windows Server** - The deviceOSType or OS displays as *Windows Server* @@ -416,7 +416,7 @@ You can create groups for these devices [in Microsoft Entra](/azure/active-direc > [!TIP] > -> Users that are delegated the ability to manage endpoint security settings may not have the ability to implement tenant-wide configurations in Microsoft Intune. Check with your Intune administrator for more information on roles and permissions in your organization. +> Users that are delegated the ability to manage endpoint security settings may not have the ability to implement tenant-wide configurations in Microsoft Intune. Check with your Intune administrator for more information on roles and permissions in your organization. ## Deploy policy 
@@ -491,14 +491,14 @@ You can also monitor the Intune policies that are applied from within the [Micro - **Assigned Groups** - View the groups to which the policy is assigned. For additional information, see [Manage endpoint security policies in Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/manage-security-policies?toc=/mem/intune/toc.json&bc=/mem/breadcrumb/toc.json) in the Defender content. - + ## Frequently asked questions and considerations ### Device check-in frequency Devices managed by this capability check-in with Microsoft Intune every 90 minutes to update policy. -You can manually sync a device on-demand from the [Microsoft Defender portal](https://security.microsoft.com/). Sign-in to the portal and go to **Devices**. Select a device that is managed by Microsoft Defender for Endpoint, and then select the **Policy sync** button: +You can manually sync a device on-demand from the [Microsoft Defender portal](https://security.microsoft.com/). Sign-in to the portal and go to **Devices**. Select a device that is managed by Microsoft Defender for Endpoint, and then select the **Policy sync** button: :::image type="content" source="./media/mde-security-integration/policy-sync-from-mde.png" alt-text="Manually sync devices managed by Microsoft Defender for Endpoint." lightbox="./media/mde-security-integration/policy-sync-from-mde.png" ::: From 2c7af9fcad44f7d5bef42d1e09779729a390596a Mon Sep 17 00:00:00 2001 From: brenduns Date: Fri, 6 Dec 2024 15:41:33 -0800 Subject: [PATCH 3/4] Link fixes --- memdocs/intune/protect/atp-manage-vulnerabilities.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/memdocs/intune/protect/atp-manage-vulnerabilities.md b/memdocs/intune/protect/atp-manage-vulnerabilities.md index 2c18a0217e..86dfe65d81 100644 --- a/memdocs/intune/protect/atp-manage-vulnerabilities.md +++ b/memdocs/intune/protect/atp-manage-vulnerabilities.md 
@@ -30,7 +30,7 @@ ms.collection: # Use Microsoft Intune security tasks to remediate device vulnerabilities identified by Microsoft Defender for endpoint -When you [integrate Microsoft Defender for Endpoint with Microsoft Intune](/mem/intune/protect/advanced-threat-protection-configure.md#connect-microsoft-defender-for-endpoint-to-intune), you can leverage Defender's threat and vulnerability management through Intune security tasks. These tasks help Intune admins understand and address current vulnerabilities based on guidance from Defender for Endpoint. This integration enhances the discovery and prioritization of vulnerabilities, improving remediation response times across your environment. +When you [integrate Microsoft Defender for Endpoint with Microsoft Intune](/mem/intune/protect/advanced-threat-protection-configure#connect-microsoft-defender-for-endpoint-to-intune), you can leverage Defender's threat and vulnerability management through Intune security tasks. These tasks help Intune admins understand and address current vulnerabilities based on guidance from Defender for Endpoint. This integration enhances the discovery and prioritization of vulnerabilities, improving remediation response times across your environment. [Threat & Vulnerability Management](/windows/security/threat-protection/windows-defender-atp/next-gen-threat-and-vuln-mgt) is part of [Microsoft Defender for Endpoint](/microsoft-365/security/defender-endpoint/microsoft-defender-endpoint). 
@@ -89,7 +89,7 @@ Following is an example of the workflow for discovering and remediating an appli - Microsoft Defender for Endpoint ([Sign up for a free trial](https://www.microsoft.com/WindowsForBusiness/windows-atp?ocid=docs-wdatp-main-abovefoldlink).) Intune configurations for Defender for Endpoint: -- Configure a [service-to-service connection](/mem/intune/protect/advanced-threat-protection-configured#connect-microsoft-defender-for-endpoint-to-intune) with Microsoft Defender for Endpoint. +- Configure a [service-to-service connection](/mem/intune/protect/advanced-threat-protection-configure#connect-microsoft-defender-for-endpoint-to-intune) with Microsoft Defender for Endpoint. - Deploy an Intune policy that configures settings for **Microsoft Defender for Endpoint** to devices to assess risk. From 42be60397bd33f7a52e58d6d330a67de55e1e869 Mon Sep 17 00:00:00 2001 From: BalaDelli <82196006+BalaDelli@users.noreply.github.com> Date: Mon, 9 Dec 2024 09:14:20 +0530 Subject: [PATCH 4/4] Update support-for-windows-adk.md --- .../core/plan-design/configs/support-for-windows-adk.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/memdocs/configmgr/core/plan-design/configs/support-for-windows-adk.md b/memdocs/configmgr/core/plan-design/configs/support-for-windows-adk.md index 263b02fa6d..9e8081e4be 100644 --- a/memdocs/configmgr/core/plan-design/configs/support-for-windows-adk.md +++ b/memdocs/configmgr/core/plan-design/configs/support-for-windows-adk.md @@ -35,7 +35,7 @@ The following table lists the versions of the Windows ADK that you can use with | Windows ADK version | ConfigMgr 2309 | ConfigMgr 2403 | ConfigMgr 2409 | |--------------------------------|----------------|----------------|----------------| -| **ADK 10.1.26100.X (Updated Dec 2024)**
(10.1.26100.X)| ✅ | ✅ | ✅ | +| **ADK 10.1.26100.2454 (Updated Dec 2024)**
(10.1.26100.X)| ✅ | ✅ | ✅ | | **ADK 10.1.26100.1 (May 2024)**
(10.1.26100.1)| ✅ | ✅ | ✅ | | **ADK 10.1.25398.1 (updated September 2023)**
(10.1.25398.1)|❌ | ❌ | ❌ | | **ADK for Windows 11, version 22H2**
(10.1.22621.1)| ✅ | ✅ | ✅ |
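Review bot: In [PATCH 1/4], hunk `@@ -27,7 +27,7 @@` of support-for-windows-adk.md, the requirement now reads `10.1.26100.X ... or newer is required`, which states a minimum version with a wildcard and so leaves the ARM64 requirement without a defined lower bound. The removed line gave an exact floor, `10.1.26100.1`, and "or newer" already covers the December 2024 release. Keep the exact build number as the minimum and mention the December refresh separately if it needs calling out.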
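Review bot: In [PATCH 1/4], hunk `@@ -56,9 +57,9 @@` of support-for-windows-adk.md, the rewritten BlackLotus bullet names the same release inconsistently: the bold label stays `ADK 10.1.26100.1` while gaining `Dec 2024`, the first two parentheticals keep `(10.1.26100.1)`, and the last becomes `(10.1.26100.X)`, whereas the WinPE line just above it in the same hunk uses `10.1.26100.X` in both places. This bullet is what tells readers which boot images already carry the CVE-2023-24932 update and which ones still need it applied manually, so the version boundary has to be exact. Use one concrete version string for the label and the parenthetical in all three occurrences.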
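Review bot: In [PATCH 2/4], hunk `@@ -28,72 +28,58 @@` of atp-manage-vulnerabilities.md, the last workflow bullet ends with `**Complete Task*.`, which leaves the bold span unclosed; it should be `**Complete Task**.` In the same hunk the new H1 lowercases the product name as `Microsoft Defender for endpoint`, and the Configuration bullet drops the setting name **Action to take on potentially unwanted apps** that the removed text gave. That setting name is the detail an admin needs to act on a PUA task, so consider restoring it.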
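Review bot: In [PATCH 2/4], hunk `@@ -102,29 +88,23 @@` of atp-manage-vulnerabilities.md, the service-to-service link points at `advanced-threat-protection-configured#connect-microsoft-defender-for-endpoint-to-intune`, a misspelling of the `advanced-threat-protection-configure` target that the removed line at the end of this hunk used. [PATCH 3/4] exists only to correct this and the `.md` suffix in the intro link, so squash it into this commit rather than leaving a broken link in the history. The same hunk also replaces the named profile type **Microsoft Defender for Endpoint (desktop devices running Windows 10 or later)** with a generic "Intune policy that configures settings", which no longer tells the reader which policy to create.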
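Review bot: In [PATCH 2/4], the mde-security-integration.md hunks `@@ -205,7 +205,7 @@`, `@@ -386,7 +386,7 @@`, `@@ -416,7 +416,7 @@` and `@@ -491,14 +491,14 @@` remove and re-add lines whose text reads the same as shown here, so they appear to be whitespace-only edits unrelated to the commit subject. Move them to a separate cleanup commit or drop them, so that this file's diff shows only the title and H1 change and is easier to review.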
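Review bot: In [PATCH 4/4], hunk `@@ -35,7 +35,7 @@` of support-for-windows-adk.md, the bold label becomes `ADK 10.1.26100.2454 (Updated Dec 2024)` but the parenthetical on the same row is left as `(10.1.26100.X)`, unlike every other row in the table, where the label and the parenthetical carry the same version. Change the parenthetical to `(10.1.26100.2454)` so the row can be matched against an installed ADK build.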