Merge pull request #5671 from MicrosoftDocs/main

m365-skilling-repo-management[bot] · web-flow · commit 3d83ea1a20bb · 2025-11-19T12:41:09.000Z
[AutoPublish] main to live - 11/19 04:39 PST | 11/19 18:09 IST
diff --git a/defender-endpoint/android-whatsnew.md b/defender-endpoint/android-whatsnew.md
@@ -35,9 +35,9 @@ Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](
 
 **What's New**
 
-- Performance improvement and accessibility bug fixes
+- Native Root Detection for Microsoft Defender is now in preview. See the [Blog](https://techcommunity.microsoft.com/blog/microsoftdefenderatpblog/native-root-detection-support-for-microsoft-defender-on-android/4461576) for more details.
 
-#### November 2025
+- Performance improvement and bug fixes.
 
 | Build| 1.0.8303.0101|
 | -------- | -------- |
@@ -51,6 +51,8 @@ Want to experience Microsoft Defender for Endpoint? [Sign up for a free trial.](
 
 - Additional telemetry features to improve app performance monitoring and detect specific scenarios, such as entering landscape mode or invalid authentication attempts.
 
+- Fixed the bug where feedback sending wasn’t disabled in Defender app despite 'Control Feedback Sending' key being disabled (set as 0) in Intune app configuration.
+
 #### October 2025
 
 | Build| 1.0.8217.0101 |
@@ -324,10 +326,11 @@ Notify your users and help desk (as applicable) that end users must accept the n
 1. Tap the toggle for **Allow access to manage all files**.
 
    The device is now protected.
-
+   
    > [!NOTE]
+   > 
    > This permission allows Microsoft Defender for Endpoint to access storage on user's device, which helps detect and remove malicious and unwanted apps. Microsoft Defender for Endpoint accesses/scans Android app package file (.apk) only. On devices with a Work Profile, Defender for Endpoint only scans work-related files.
-
+   
 [!INCLUDE [Microsoft Defender for Endpoint Tech Community](../includes/defender-mde-techcommunity.md)]
 
 ## See also
diff --git a/defender-endpoint/whats-new-in-microsoft-defender-endpoint.md b/defender-endpoint/whats-new-in-microsoft-defender-endpoint.md
@@ -7,7 +7,7 @@ ms.author: lwainstein
 author: limwainstein
 ms.reviewer: noamhadash, pahuijbr, yongrhee
 ms.localizationpriority: medium
-ms.date: 08/20/2025
+ms.date: 11/19/2025
 manager: bagol
 audience: ITPro
 ms.collection:
@@ -35,6 +35,8 @@ Learn more:
 |---------|------------|-------------|
 |New predictive shielding response actions. |Preview |Defender for Endpoint now includes the [GPO hardening](respond-machine-alerts.md#gpo-hardening) and [Safeboot hardening](respond-machine-alerts.md#safeboot-hardening) response actions. These actions are part of the [predictive shielding](/defender-xdr/shield-predict-threats) feature, which anticipates and mitigates potential threats before they materialize.|
 |[Custom data collection](custom-data-collection.md) |Preview |Custom data collection enables organizations to expand and customize telemetry collection beyond default configurations to support specialized threat hunting and security monitoring needs. |
+| [Defender deployment tool](./defender-deployment-tool-windows.md) | Preview | The new Defender deployment tool is a lightweight, self-updating application that streamlines onboarding devices to the Defender endpoint security solution. The tool takes care of prerequisites, automates migrations from older solutions, and removes the need for complex onboarding scripts, separate downloads, and manual installations. It currently supports Windows and Linux devices. |
+| [Defender endpoint security solution for Windows 7 SP1 and Windows Server 2008 R2 SP1](./onboard-downlevel.md#use-the-defender-deployment-tool-to-deploy-defender-endpoint-security) | Preview | A Defender for endpoint security solution is now available for legacy Windows 7 SP1 and Windows Server 2008 R2 SP1 devices. The solution provides advanced protection capabilities and improved functionality for these devices compared to other solutions. The new solution is available using the new [Defender deployment tool](./defender-deployment-tool-windows.md). |
 
 ## October 2025
 
diff --git a/defender-for-identity/deploy/active-directory-federation-services.md b/defender-for-identity/deploy/active-directory-federation-services.md
@@ -18,7 +18,7 @@ These considerations apply:
 
 ## Prerequisites
 
-Prerequisites for installing Defender for Identity sensors on AD FS, AD CS, or Microsoft Entra Connect servers are the same as for installing sensors on domain controllers. For more information, see [Microsoft Defender for Identity prerequisites](prerequisites-sensor-version-2.md).
+Prerequisites for installing Defender for Identity sensors on AD FS, AD CS, or Microsoft Entra Connect servers are the can be found in [Microsoft Defender for Identity prerequisites](prerequisites-sensor-version-2.md) article.
 
 A sensor installed on an AD FS, AD CS, or Microsoft Entra Connect server can't use the local service account to connect to the domain. Instead, you need to configure a [Directory Service Account](directory-service-accounts.md).
 
