Merge branch 'main' of https://github.com/MicrosoftDocs/memdocs-pr into WN8764312

Author: lenewsad

memdocs/autopilot/add-devices.md

@@ -1,18 +1,13 @@
 ---
 title: Manually register devices with Windows Autopilot
 description: Learn how to manually add devices to Windows Autopilot.
-keywords: mdm, setup, windows, windows 10, oobe, manage, deploy, autopilot, ztd, zero-touch, partner, msfb, intune
 ms.prod: w10
-ms.mktglfcycl: deploy
 ms.localizationpriority: medium
-ms.sitesec: library
-ms.pagetype: deploy
-audience: itpro
 author: aczechowski
 ms.author: aaroncz
 ms.reviewer: jubaptis
 manager: dougeby
-ms.date: 08/05/2021
+ms.date: 06/03/2022
 ms.topic: how-to
 ms.collection: 
 - M365-modern-desktop
@@ -166,7 +161,8 @@ Keep these other requirements for the CSV file in mind:
 - You can use only ANSI-format text files (not Unicode). 
 - Headers are case-sensitive. 
 
-Because of these requirements, editing an Excel file and saving it as .csv will not generate a usable file for importing into the Intune portal.
+> [!IMPORTANT]
+> Use a plain-text editor with this CSV file, like Notepad. Don't use Microsoft Excel. Because of the requirements, editing an Excel file and saving it as `.csv` won't generate a usable file for importing to Intune.
    
 When you upload a CSV file to assign a user, make sure that you assign valid User Principal Names (UPNs). If you assign an invalid UPN (that is, an incorrect username), your device might be inaccessible until you remove the invalid assignment. 
 

memdocs/intune/enrollment/macos-enroll.md

@@ -69,7 +69,7 @@ Intune supports the following enrollment methods for company-owned macOS devices
 ## Bootstrap tokens (preview)    
 
 > [!IMPORTANT]
-> This feature is in [public preview](../fundamentals/public-preview.md). It is not available in GCC High and government cloud tenants.  
+> This feature is in [public preview](../fundamentals/public-preview.md).   
 
 Intune supports the use of bootstrap tokens on enrolled Macs running macOS 10.15 or later. Bootstrap tokens grant volume ownership status to local user and guest accounts, so that non-admin users can approve important operations that an admin would otherwise need to do.  Operations such as: 
 

memdocs/intune/enrollment/windows-bulk-enroll.md

@@ -70,6 +70,9 @@ Azure AD users are standard users on these devices and receive assigned Intune p
 6. Select **Enroll in Azure AD**, enter a **Bulk Token Expiry** date, and then select **Get Bulk Token**. The token validity period is 180 days.
    ![Screenshot of account management in the Windows Configuration Designer app](./media/windows-bulk-enroll/bulk-enroll-account.png)
 
+> [!NOTE]
+> Once a provisioning package is created, it can be revoked before its expiration by removing the associated package_{GUID} user account from Azure AD.
+
 7. Provide your Azure AD credentials to get a bulk token.
    ![Screenshot of signing in to the Windows Configuration Designer app](./media/windows-bulk-enroll/bulk-enroll-cred.png)
 

memdocs/intune/enrollment/windows-enrollment-status.md

@@ -44,7 +44,6 @@ Intune supports devices running the following operating systems (OS):
 * Android 
 * Windows
 * macOS 
-* Linux
 
 [!INCLUDE [mdm-supported-devices](../includes/mdm-supported-devices.md)]
 

memdocs/intune/fundamentals/in-development.md

@@ -7,7 +7,7 @@ keywords: configure, manage, capabilities, attack surface reduction, next-genera
 author: brenduns 
 ms.author: brenduns
 manager: dougeby
-ms.date: 05/23/2022
+ms.date: 06/06/2022
 ms.topic: how-to
 ms.service: microsoft-intune
 ms.subservice: protect
@@ -40,6 +40,8 @@ Use the information and procedures in this article to configure integration of M
 
 Before starting, your environment must meet the [prerequisites](../protect/advanced-threat-protection.md#prerequisites) to use Microsoft Defender for Endpoint with Intune.
 
+In addition to managing settings for Microsoft Defender for Endpoint on devices you manage with Intune, you can manage Defender for Endpoint security configurations on devices that aren’t enrolled with Intune. This scenario is called *Security Management for Microsoft Defender for Endpoint* and requires configuring the *Allow Microsoft Defender for Endpoint to enforce Endpoint Security Configurations* toggle to *On*. For more information, see [MDE Security Configuration Management](../protect/mde-security-integration.md).
+
 ## Enable Microsoft Defender for Endpoint in Intune
 
 The first step you take is to set up the service-to-service connection between Intune and Microsoft Defender for Endpoint. Set up requires administrative access to both the Microsoft Defender Security Center, and to Intune.
@@ -52,7 +54,7 @@ You only need to enable Microsoft Defender for Endpoint a single time per tenant
 
 2. Select **Endpoint security** > **Microsoft Defender for Endpoint**, and then select **Open the Microsoft Defender for Endpoint admin console**. 
 
-   This opens the **Microsoft 365 Defender** portal at *security.microsoft.com*, which [replaces the use of the previous portal](/microsoft-365/security/defender/microsoft-365-defender?view=o365-worldwide) at *securitycenter.windows.com*.
+   This opens the **Microsoft 365 Defender** portal at *security.microsoft.com*, which [replaces the use of the previous portal](/microsoft-365/security/defender/microsoft-365-defender?view=o365-worldwide&preserve-view=true) at *securitycenter.windows.com*.
 
    > [!TIP]
    > If the **Connection status** at the top of the page is already set to **Enabled**, the connection to Intune has already been made, and the admin center displays different UI than in the following screen shot. In this event, you can use the link **Open the Microsoft Defender for Endpoint admin console** to open the Microsoft Defender Security Center and use the guidance in the following step to confirm that the **Microsoft Intune connection** is set to **On**.

memdocs/intune/fundamentals/supported-devices-browsers.md

@@ -327,7 +327,7 @@ Learn more
 
 - **Allow users to view full History results**
   > [!NOTE]
-  >  This is a legacy setting that only applies to versions of Windows prior to Windows 10 version 1703. User of this setting with a current operating system has no effect. This setting is scheduled for removal from this policy. For more information, see **-DisablePrivacyMode** in [Set-MpPreference](/powershell/module/defender/set-mppreference?view=windowsserver2022-ps) in the Windows PowerShell documentation.
+  >  This is a legacy setting that only applies to versions of Windows prior to Windows 10 version 1703. User of this setting with a current operating system has no effect. This setting is scheduled for removal from this policy. For more information, see **-DisablePrivacyMode** in [Set-MpPreference](/powershell/module/defender/set-mppreference?view=windowsserver2022-ps&preserve-view=true) in the Windows PowerShell documentation.
 
   - **Not Configured** (*default*)
   - **Yes**

memdocs/intune/protect/advanced-threat-protection-configure.md

@@ -94,7 +94,7 @@ Following is an example workflow for an application. This same general workflow
 
 ## Work with security tasks
 
-Before you can work with security tasks, they must be created from within the Defender Security Center. For information on using the Microsoft Defender Security Center to create security tasks, see [Remediate vulnerabilities with threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-remediation?view=o365-worldwide#request-remediation) in the Defender for Endpoint documentation.
+Before you can work with security tasks, they must be created from within the Defender Security Center. For information on using the Microsoft Defender Security Center to create security tasks, see [Remediate vulnerabilities with threat and vulnerability management](/microsoft-365/security/defender-endpoint/tvm-remediation?view=o365-worldwide&preserve-view=true#request-remediation) in the Defender for Endpoint documentation.
 
 To manage security tasks:
 

memdocs/intune/protect/antivirus-microsoft-defender-settings-windows-tenant-attach.md

@@ -40,9 +40,9 @@ You can configure Conditional Access policies based on Check Point Harmony Mobil
 
 ## Supported platforms
 
-- **Android 4.1 and later**
+- **Android 8 and later**
 
-- **iOS 8 and later**
+- **iOS 12 and later**
 
 ## Pre-requisites