Add asr rules

Author: Brenduns

memdocs/intune/fundamentals/whats-new.md

@@ -7,7 +7,7 @@ keywords:
 author: Erikre
 ms.author: erikre
 manager: dougeby
-ms.date: 04/04/2022
+ms.date: 04/05/2022
 ms.topic: conceptual
 ms.service: microsoft-intune
 ms.subservice: fundamentals
@@ -83,7 +83,6 @@ The following profile templates are now available in the new settings format:
 | Antivirus | Windows 10, Windows 11, and Windows Server | Windows Security experience |
 | Antivirus | Windows 10, Windows 11, and Windows Server | Windows Defender Antivirus    |
 | Antivirus | Windows 10, Windows 11, and Windows Server | Windows Defender Antivirus Exclusions
-| Disk Encryption | Windows 10 and Later | BitLocker |
 | Firewall | Windows 10, Windows 11, and Windows Server | Microsoft Defender Firewall |
 | Firewall | Windows 10, Windows 11, and Windows Server | Microsoft Defender Firewall Rules |
 | Endpoint detection and response | Windows 10, Windows 11, and Windows Server | Endpoint detection and response |

memdocs/intune/protect/antivirus-microsoft-defender-settings-windows.md

@@ -31,7 +31,7 @@ ms.reviewer: laarrizz
 # Settings for Microsoft Defender Antivirus policy in Microsoft Intune for Windows devices
 
 > [!NOTE]  
-> This article details the settings in the  Microsoft Defender Antivirus and Microsoft Defender Antivirus Exclusions profiles for the *Windows 10 and later* platform for endpoint security Antivirus policy. Beginning in April 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform. Although you can no longer create new instances of the original profile, you can continue to edit and use your existing profiles. The settings details in this article apply to those deprecated profiles. 
+> This article details the settings in the  Microsoft Defender Antivirus and Microsoft Defender Antivirus Exclusions profiles for the *Windows 10 and later* platform for endpoint security Antivirus policy. Beginning on April 5, 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform. Although you can no longer create new instances of the original profile, you can continue to edit and use your existing profiles. The settings details in this article apply to those deprecated profiles. 
 
 View details about the [endpoint security](../protect/endpoint-security-policy.md) antivirus policy settings you can configure for the Microsoft Defender Antivirus profile for Windows 10 and later in Microsoft Intune.  
 

memdocs/intune/protect/antivirus-security-experience-windows-settings.md

@@ -31,7 +31,7 @@ ms.reviewer: mattsha
 # Settings for the Windows Security experience profile in Microsoft Intune
 
 > [!NOTE]  
-> This article details the settings in the  Windows Security experience profile for the *Windows 10 and later* platform for endpoint security Antivirus policy. Beginning in April 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform. Although you can no longer create new instances of the original profile, you can continue to edit and use your existing profiles.
+> This article details the settings in the  Windows Security experience profile for the *Windows 10 and later* platform for endpoint security Antivirus policy. Beginning on April, 5 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform. Although you can no longer create new instances of the original profile, you can continue to edit and use your existing profiles.
 
 View details about the [endpoint security](../protect/endpoint-security-policy.md) antivirus policy settings you can configure for the Windows Security Experience profile for Windows 10 and later in Microsoft Intune.
 

memdocs/intune/protect/endpoint-security-antivirus-policy.md

@@ -80,7 +80,7 @@ Profiles for *Antivirus* policy that support tamper protection for [devices mana
   - Profile: **Windows Security experience**  
 
 > [!NOTE]  
-> Beginning in April 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform.
+> Beginning on April 5, 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform.
 >
 > The *Windows 10, Windows 11, and Windows Server* platform supports devices communicating with Endpoint Manager through Microsoft Intune or Microsoft Defender for Endpoint. These profiles also add support for the Windows Server platform which is not supported through Microsoft Intune natively.
 >
@@ -118,7 +118,7 @@ The following profiles are supported for devices you manage with Intune:
 **Windows**:
 
 > [!NOTE]  
-> Beginning in April 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform. 
+> Beginning on April 5, 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform. 
 >
 > The *Windows 10, Windows 11, and Windows Server* platform supports devices communicating with Endpoint Manager through Microsoft Intune or Microsoft Defender for Endpoint. These profiles also add support for the Windows Server platform which is not supported through Microsoft Intune natively.
 >

memdocs/intune/protect/endpoint-security-asr-policy.md

@@ -53,6 +53,13 @@ Find the endpoint security policies for attack surface reduction under *Manage*
 
 ## Attack surface reduction profiles
 
+> [!NOTE]  
+> Beginning on April 5, 2022, the following profiles for Attack surface reduction policy have been updated to use the settings format as found in the Settings Catalog, while the other profiles are unchanged:  
+> - Attack surface reduction rules
+> - Exploit protection
+> The new versions of these two profiles include the same settings as the older profile templates they replace. With this change, all new instances of these profiles will use the new settings format. Your previously crated instances of these profiles remain available to use and edit.
+
+
 ### Devices managed by Intune
 
 **Windows 10/11 profiles**:
@@ -83,7 +90,6 @@ Find the endpoint security policies for attack surface reduction under *Manage*
   - Behaviors that apps don't usually start during normal day-to-day work
 Reducing your attack surface means offering attackers fewer ways to perform attacks.
 
-  To learn more, see [Attack surface reduction rules](/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction) in the Microsoft Defender for Endpoint documentation.
 
   **Merge behavior for Attack surface reduction rules in Intune**:
 
@@ -106,8 +112,6 @@ Reducing your attack surface means offering attackers fewer ways to perform atta
 
 - **Exploit protection** - Exploit protection settings can help protect against malware that uses exploits to infect devices and spread. Exploit protection consists of a number of mitigations that can be applied to either the operating system or individual apps.
 
-  To learn more, see [Enable exploit protection](/windows/security/threat-protection/microsoft-defender-atp/enable-exploit-protection) in the Microsoft Defender for Endpoint documentation.
-
 ### Devices managed by Configuration Manager
 
 [!INCLUDE [Attack surface reduction prerequisites](../includes/tenant-attach-asr-prerequisites.md)]
@@ -150,6 +154,4 @@ Policy merge doesn’t compare or merge the configurations from different settin
 
 [Configure Endpoint security policies](../protect/endpoint-security-policy.md#create-an-endpoint-security-policy)
 
-View details for the Windows settings in the deprecated profiles:
-
-- [Attack surface reduction profiles](../protect/endpoint-security-asr-profile-settings.md).
+View details for the settings in profiles for [Attack surface reduction profiles](../protect/endpoint-security-asr-profile-settings.md).

memdocs/intune/protect/endpoint-security-asr-profile-settings.md

@@ -7,7 +7,7 @@ keywords:
 author: brenduns
 ms.author: brenduns
 manager: dougeby
-ms.date: 11/01/2021
+ms.date: 04/04/2022
 ms.topic: reference
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -211,6 +211,9 @@ Supported platforms and profiles:
 
 #### Attack Surface Reduction Rules
 
+> [!NOTE]  
+> This section details the settings in Attack Surface Reduction Rules profiles created before April 5, 2022. Profiles created after that date use a new settings format as found in the Settings Catalog. Although you can no longer create new instances of the original profile, you can continue to edit and use your existing profiles.  
+
 - **Block persistence through WMI event subscription**  
   [Reduce attack surfaces with attack surface reduction rules](/windows/security/threat-protection/microsoft-defender-atp/attack-surface-reduction)
 
@@ -543,6 +546,9 @@ Supported platforms and profiles:
 
 #### Exploit protection
 
+  > [!NOTE]  
+  > This  section details the settings you can find in Exploit protection profiles created before April 5, 2022. Profiles created after that date use a new settings format as found in the Settings Catalog. Although you can no longer create new instances of the original profile, you can continue to edit and use your existing profiles.
+
 - **Upload XML**  
   CSP: [ExploitProtectionSettings](/windows/client-management/mdm/policy-csp-exploitguard#exploitguard-exploitprotectionsettings)
 

memdocs/intune/protect/endpoint-security-edr-policy.md

@@ -65,7 +65,7 @@ Find the endpoint security policies for EDR under *Manage* in the **Endpoint sec
 **Intune** – The following are supported for devices you manage with Intune:
 
 > [!NOTE]  
-> Beginning in April 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform.
+> Beginning on April 5, 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform.
 >
 > The *Windows 10, Windows 11, and Windows Server* platform supports devices communicating with Endpoint Manager through Microsoft Intune or Microsoft Defender for Endpoint. These profiles also add support for the Windows Server platform which is not supported through Microsoft Intune natively.
 >

memdocs/intune/protect/endpoint-security-edr-profile-settings.md

@@ -30,7 +30,7 @@ ms.reviewer: mattcall
 # Endpoint detection and response policy settings for endpoint security in Intune
 
 > [!NOTE]  
-> This article details the settings in the Endpoint detection and response profile for the *Windows 10 and later* platform for endpoint security Endpoint detection and response policy. Beginning in April 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform. Although you can no longer create new instances of the original profile, you can continue to edit and use your existing profiles. The settings details in this article apply to those deprecated profiles.
+> This article details the settings in the Endpoint detection and response profile for the *Windows 10 and later* platform for endpoint security Endpoint detection and response policy. Beginning on April 5, 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform. Although you can no longer create new instances of the original profile, you can continue to edit and use your existing profiles. The settings details in this article apply to those deprecated profiles.
 
 View the settings you can configure in profiles for [Endpoint detection and response policy](../protect/endpoint-security-edr-policy.md) in the endpoint security node of Intune.
 

memdocs/intune/protect/endpoint-security-firewall-policy.md

@@ -54,7 +54,7 @@ Find the endpoint security policies for firewalls under *Manage* in the **Endpoi
 **Platform: Windows 10, Windows 11, and Windows Server**:
 
 > [!NOTE]  
-> Beginning in April 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform.
+> Beginning on April 5, 2022, the *Windows 10 and later* platform was replaced by the *Windows 10, Windows 11, and Windows Server* platform.
 >
 > The *Windows 10, Windows 11, and Windows Server* platform supports devices communicating with Endpoint Manager through Microsoft Intune or Microsoft Defender for Endpoint. These profiles also add support for the Windows Server platform which is not supported through Microsoft Intune natively.
 >

memdocs/intune/protect/endpoint-security-firewall-profile-settings.md

@@ -30,7 +30,7 @@ ms.reviewer: aanavath
 # Firewall policy settings for endpoint security in Intune
 
 > [!NOTE]  
-> Beginning in April 2022, the *Windows 10 and later* platform and profiles for Windows devices were replaced by the *Windows 10, Windows 11, and Windows Server* platform and new instances of those same profiles. Although you can no longer create new instances of the original profile, you can continue to edit and use your existing profiles. The settings details for Windows profiles in this article apply to those deprecated profiles.
+> Beginning on April 5, 2022, the *Windows 10 and later* platform and profiles for Windows devices were replaced by the *Windows 10, Windows 11, and Windows Server* platform and new instances of those same profiles. Although you can no longer create new instances of the original profile, you can continue to edit and use your existing profiles. The settings details for Windows profiles in this article apply to those deprecated profiles.
  
 View the settings you can configure in profiles for *Firewall* policy in the endpoint security node of Intune as part of an [Endpoint security policy](../protect/endpoint-security-policy.md).